Privacy advocates have long been raising a hue and cry about the negative impact social networking sites are having on privacy. For the most part, the glare has been on the poor security practices and privacy controls of these sites. But now researchers at the University of Texas at Austin have brought to light a
My previous post on federated provisioning generated some interesting responses, both in the comments and in the blogosphere (see responses from Ian, Pamela and Pat Patterson). The topic has been so engaging (starting with Jackson Shaw’s post) that while I was writing this post I saw that Dave Kearns has made it the topic for
Ian Glazer recently blogged about federated provisioning, saying “Federated provisioning should not exist; there is only provisioning.”. Well, I think he’s both right and wrong about this. Let me explain. Suppose two companies, Acme and Omega enter into a federation agreement, whereby employees of Acme will be able to access a service at Omega using
Wednesday, January 28 is International Data Privacy Day, honoring the anniversary of the Council of Europe Convention on Data Protection (No. 108), the most important international law for privacy. The purpose of this convention is to secure in the territory of each Party for every individual, whatever his nationality or residence, respect for his rights
It’s been a long time since I have been able to post. A lot conspired to make it difficult for me to keep up with my blogging, not the least of which has been a number of interesting, but under wrap, developments within the IdM group at Oracle (if you follow me on Twitter, you
One of the big buzzwords this past month or so has been “Identity Assurance“. Liberty Alliance made a big push for the Identity Assurance Framework (IAF)at DIDW last month, conducting a number of sessions/workshops introducing it to the masses. Our old friend Frank Villavicencio, who is a co-chair of the IAEG, was a star at
My Digital ID World was all about conversations. Much more useful to me than the sessions was the opportunity to brainstorm with some very smart, very committed (some insanely so) people in the identity community. The sessions were good, and some managed to inspire some original thought. But the hallway conversations (so to speak) were
This week I was invited to join Brenda Hughes from Cisco on next weeks DIDW panel discussing “Lessons learned from Successful Compliance Deployments“. My hope is to share some of the insight I obtained from watching (at uncomfortably close quarters, from a vendor perspective) a number of our customers go through the process of deploying
The annual Digital ID World conference is coming up (September 8 – 10) in Anaheim. DIDW is usually a blast, as a number of folks from the identity arena show up at the conference to connect, exchange ideas and move the business of identity forward. And this is the first conference I’ll be attending in
In response to my post about the lag in OpenID RP adoption, Mark Workel asked the following questions: 1. What are the strategic advantages of becoming an IdP? 2. As a consumer or RP, how do I know if an IdP is reliable? I don’t think I can authoritatively answer these, but I do have