Lest all the recent posts about “pull”-based identity make you think that I have completely forgotten about good old “push”-based identity provisioning, here is some news on that. As I have discussed here in the past, SPML has been under a cloud in recent years, with low adoption and a litany of issues being documented. [...]
Posts under ‘Insight IdM’
“Pull” is about Evolution, not Revolution
Ben has responded to my response by vigorously defending his stance against the pull movement. His statement that “…this will take more effort than it will return in value” is correct in identifying what enterprises should focus on – a cost-benefit analysis – but not in his estimation of how to do the valuation. I [...]
“Push vs Pull” in Identity Management
My friend Ben Goodman over at Novell recently wrote a blog post arguing against the “future of identity is pull” movement that seems to be sweeping the nation (well, at least the hallways at the recent Catalyst conference). I’ll give him credit for having the conviction to go against the grain here, since the idea [...]
Beyond SPML: Access Provisioning in a Services World
Another Burton Group Catalyst conference has come to a close, and as always it was a treasure trove of stories, ideas and conversations. Which is why it was great to have the uncertainty around the conference laid to rest when it was announced that it will be back next year (July 26-29 in San Diego, [...]
Time to Catalyse Some Change in Provisioning
It’s Burton Group Catalyst time again, and I will be pushing forward in my quest to advance access provisioning to the next level. I will be giving a talk on “Beyond SPML: Access Provisioning in a Services World” tomorrow (Wednesday, July 28 2010) at 11:20 am, part of the “provisioning needs to change” block (it [...]
The Challenge of Security Questions
Jackson Shaw just wrote about a website called goodsecurityquestions.com. As the name indicates, it’s a site that purports to distinguish between good and bad questions to employ when setting up for your identity re-verification challenges (for when you forget your password or need to execute a high-value transaction, for instance). The same site also (correctly) [...]
Fed-Prov and the Cloud: JIT Provisioning.Next
In my last post, I discussed the basic architectural model of Just-In-Time Provisioning, and some challenges it has in addressing enterprise needs related to cloud computing. In this post, I will propose some possible enhancements to the basic architecture that could address those challenges. Each of these solutions could be viable, though each seems to [...]
Fed-Prov and the Cloud: JIT Provisioning to the Rescue?
In my last post, I talked about Advance Provisioning, and how it was problematic in the cloud world because of the integration work and pre-defined business relationships (at an IT level) it requires. A lot of the appeal in using and delivering cloud-based services is the ability to enable short-lived and limited-use business relationships (case [...]
Advance (Federated) Provisioning and the Cloud
It’s pretty gratifying that some really smart people are doing a deep-dive on the ideas I threw out there in my “Federated Provisioning and the Cloud” deck and challenging some of the ideas in there. Means that I get to tap into the brain power out there in the identity community to flesh out the [...]
My GlueCon Talk on “Federated Provisioning and the Cloud”
Last week I attended GlueCon, a 2-day developer-oriented conference focusing on the technologies that make/will make the cloud go. As usual, Eric Norlin and team did an excellent job curating a conference with lots of interesting content, some of which was quite new to me. And the energy levels were extremely high (I can’t remember [...]
