Defining Role Management – Part 1

The topic of role management is always an interesting one to debate. Everyone’s take seems to be slightly different; so much so that if you listen to enough people, you end up trying to rationalize a rather broad spectrum. I recently spent some time having a rather animated discussion on the topic with someone who

Analyzing Microsoft’s approach to provisioning

Gartner’s MQ report on provisioning calls out the different approach that Microsoft has taken to the provisioning space. Termed the “enterprise access management” approach, it essentially advocates the externalized authn and authzn model that requires less pushing of data into target system repositories, and more pulling of data by the target systems from MIIS at

Selective Delegation: The key to a successful attestation process

One of the philosophies at Thor (that we have proudly carried over to Oracle) is our commitment to building products that deal with the dirty realities of our customer’s deployment needs, instead of living on some idealized plane. Getting there requires a lot of input from our customers. This week, our Product Management team is doing a customer

How you can handle your attestation needs

Attestation (aka Re-certification aka Periodic Review) is one of the latest must-have’s in the world of compliance-driven IdM (if you know of another name it goes by, please share). It essentially refers to the management practice of periodically checking and certifying that only the individuals who need certain access privileges have those access privileges. Here

The choices we make…

Working as I am on the architecture for the next generation of our IdM products, I found the thesis of this article extremely interesting. It basically uses Windows as an example of how the cost of innovation increases dramatically with any attempt to make that innovation backwards compatible. And points out how Apple tackled a

Our new mantra?

In an internal memo last October, Ray Ozzie, CTO for Microsoft, wrote, “Complexity kills. It sucks the life out of developers, it makes products difficult to plan, build and test, it introduces security challenges and it causes end-user and administrator frustration.” Amen to that! That is why the new focus of the IdM groups should

Is SPML the Rodney Dangerfield of Standards?

One thing that I found surprising at the CAB was the lack of discussion around SPML. Admittedly, the standard hasn’t made enough progress, and is nowhere near the maturity that (for instance) SAML has achieved. But I would have thought that the need for it would make it a hot issue for those who haven’t

Don’t mix developers with customers…

At the end of another customer council meeting, one thing was abundantly clear –  our customers have no intention of being faceless names on a list somewhere. They have opinions, they are vocal, and they would very much like to be a part of the development process. Hot button topics were support, roadmap visibility and

The Dawn Of A New Era!

So it seems that someone finally slipped up and gave me an outlet for my ramblings. One can only hope that this will lead to something useful. Fostering a community takes time, but maybe this will give me a way to finally harness the raw knowledge that I experience in my job every week.