Month: August 2010

Upcoming Webcast on Service-Oriented Security

You’ve seen me blog a whole lot about Service-Oriented Security over the years; now you can also hear me talk about it. I’ll be doing a live webcast on “Service-Oriented Security: Blazing a New Trail of Innovation in Application Security” on Wednesday, August 25th (that’s tomorrow!) at 11:00 a.m. PT/2:00 p.m. ET . In it,

Pushing forward on Standards-based Provisioning

Lest all the recent posts about “pull”-based identity make you think that I have completely forgotten about good old “push”-based identity provisioning, here is some news on that. As I have discussed here in the past, SPML has been under a cloud in recent years, with low adoption and a litany of issues being documented.

Identity Services should be like Vitamins, not Crack

OK, so it’s a ridiculous title. But hear me out. Matt Flynn brought to my attention an article in which Dale Olds talks about the need for hosters (companies that provide the platform on which you deploy your Cloud/SaaS applications) to provide identity services (and as Matt points out, security services in general) as part

“Pull” is about Evolution, not Revolution

Ben has responded to my response by vigorously defending his stance against the pull movement. His statement that “…this will take more effort than it will return in value” is correct in identifying what enterprises should focus on – a cost-benefit analysis – but not in his estimation of how to do the valuation. I

“Push vs Pull” in Identity Management

My friend Ben Goodman over at Novell recently wrote a blog post arguing against the “future of identity is pull” movement that seems to be sweeping the nation (well, at least the hallways at the recent Catalyst conference). I’ll give him credit for having the conviction to go against the grain here, since the idea