In my last post, I talked about the SIG meetings that I attended prior to the conference actually starting. There was lots of good content and discussion, which continued on into the actual sessions. I had thought of splitting my time between the Identity and Cloud Computing (new to Catalyst this year) tracks. But the [...]
Posts Tagged ‘Role Management’
Welcoming Jeff Shukis to the Oracle Blogs network
My colleague Jeff Shukis, who used to be VP of Engineering and Operations at Bridgestream, has started a blog of his own to talk about identity management, role management in particular. In his first post, he has started a deeper dive into the shortcomings of the NIST RBAC standard, an issue that I raised a [...]
Delving deeper into Relationship-based RBAC
Ian Glazer thinks that I have opened Pandora’s box by talking about the need to bring context and intent into the area of RBAC by using relationships (one of many ways to express context). I think it’s a topic ripe for some discussion, so I’m glad to be the one taking the lid off. Mat [...]
My Next Attempt at Controversy: Roles and the (ir)relevance of NIST
Well, I think I am done talking about directories now, especially after reading Ian Yip’s hilarious recap of the debate, as it were. Having now appeared as a significant bit player in this drama, I have decided to leave it in the hands of more capable people like Clayton and am moving on to familiar [...]
Looking Forward to 2008
This is the time of year when everyone rolls out their start-of-the-year predictions. You can see a couple of those here and here. I especially loved Anshu Sharma’s take on this popular beginning-of-the-year routine. Predictions are risky business, especially in the slightly schizophrenic world of IdM. On the one hand, things tend to move way [...]
Oracle acquires Bridgestream
So the worst kept secret in IAM history is officially out. Oracle yesterday issued a long-awaited press release announcing the acquisition of Bridgestream in the Role Management space. Of course, if you have been anywhere near an internet-connected computer, you’d have seen everybody and their mother blog about this. And some of the buzz has [...]
The Debate over RBAC vs. Entitlement Management
The folks over at Securent are onto a good thing with the community driven blog they started called simply the Entitlement Management blog. They have managed to get posts from an impressive set of contributors, including Burton’s Gerry Gebel and Forrester’s Andras Cser. Check it out when you get a chance. What caught my eye [...]
Will Role Management become the focus of Compliance?
A few months ago, I wrote a post in which I took issue with the statement that “Role Management will become the focus of Compliance”. My objection kicked off a flurry of responses from various folks, expressing opinions that covered the gamut. I received a lot of responses disagreeing with me, with quite a few [...]
The “Model-As” Problem
In my last post, I talked about Jeff Bardin’s excellent session about the reality of successfully deploying an enterprise IAM infrastructure. During his session, he touched upon one of the more interesting problems that we see in enterprises today – the “Model-As” problem. Jeff was referring to a practice that is very common in a [...]
Postcard from the Gartner IAM Summit
2 weeks ago I attended Gartner’s first IAM summit. Entering an arena long dominated by Burton and RSA, they nonetheless seemed to have a respectable turnout, even if it was mostly people like me curious to find out what their treatment of the space was going to be. The fact that it was in Vegas [...]
