Month: April 2011

Talking Identity at the European Identity Conference and more

May is going to be a busy month. I already mentioned I’ll be at the Internet Identity Workshop next week (if only for the first day and a half), where I fully expect to dive into discussions regarding SCIM and OAuth in the Enterprise (picking up from where we left off at the last IIW).

SCIMming the Surface of User Provisioning

This should be interesting! By all accounts, one of the main reasons that SPML never achieved traction was that application vendors were not involved in developing or deploying the standard. The effort to standardize provisioning of accounts was driven largely by the provisioning engine vendors. The result was an unwieldy standard that nobody could figure

A Brief Q&A on Identity

The intrepid Emanuela Giannetta (Marketing Manager for Oracle InfoSec in EMEA, and the voice behind @OracleSecurity) just did a brief Q&A session with me about my recent experience at Gartner IAM Summit in London and Oracle’s entitlement-centric approach to identity management. I had promised to give her some time during my London trip, but the

An Entitlement-Centric Approach to Security

Last week, I gave a well-received talk to a group of CxO and high-level IT managers on a new way to think about security built around entitlements. The premise of the talk was that with the de-perimiterization of the enterprise, the modern enterprise has already become entitlement-based; we in the security industry just haven’t caught