[Log In] []

Exploring the science and magic of Identity and Access Management
Tuesday, February 27, 2024

Catalyst 2005 – Prevailing Themes

Author: Mark Dixon
Tuesday, July 19, 2005
10:35 am

My blog entries for the three days of the recent Catalyst 2005 conference simply
recorded individual items that impressed me from each speaker in the sessions
I attended. Today, I will briefly describe five themes that seemed to be emphasized
consistently throughout the conference. For each theme, a few observations from
conference speakers have been listed. Comments attributed to speakers in the
conference are mostly my paraphrasing of their actual comments.

Identity Management Involves Relationships

We in the Identity Management world spend much time focusing on the management
of individual Identities. We store Identities in directories, we manage "Virtual
Identities," we provision systems with Identity attributes. However,
it is the relationship between Identities and other things that really matters.
The tools to manage relationships are not as mature as the tools to manage
Identities, but should become more complete in the future.

Mike Neuenschwander, Burton Group: "Relation"
is a core ingredient to distributed systems. Identity isn’t about
the end points—it’s about the relationship … Enduring systems
account for multiple views by focusing on relationships.

Jamie Lewis, Burton Group: "Its the relationships,
stupid!" ID services facilitate and coordinate relationships and interaction."

Jarrod Jasper, GM: Identity Managements helps answer the
question, "How long does it take to enable a desired relationship so
someone can get to work?"

John Loiacono, Sun: Identity Management will drive Participation
by enabling relationships

Randall Gamby, Burton Group: Workflow deals with relationships
between people

Dave Temoshok, GSA: IDM Federation Core Infrastructure
addresses Trust, Interoperable Technology and Business Relationships/Governance

Business Issues are More Important than Technology Issues

Being from a technology company, it is easy to get caught up in the role
technology plays in the resolution of Identity Management issues. However,
we must not forget that technology is a tool to solve business problems. As
Identity Management software matures, it becomes clearer that business issues
are paramount.

Jamie Lewis, Burton Group: Architects must understand
larger context where business, technology combine. Identity Management is
80% politics and business, 20% technology.

Mike Neuenschwander, Burton Group: Architecting identity
systems requires an understanding of more than its constituent technologies

Phil Blank, ADP: We should talk business process and business
value of Identity Management to business owners.

Compliance is the Most Critical Identity Management Driver

In the current business environment, compliance with government regulations
is the most important business driver. In most major enterprises, compliance
is now recognized as a stand-alone budget line item. This simplifies justification
of Identity Management systems, which are crucial to meeting compliance demands.
Government regulations are forcing enterprises to focus on business improvement
processes which should be healthy for business in the long run, even though
compliance is requiring heavy new investment.

Sara Gates, Sun Microsystems: Audit and compliance can
become an enabler for new business opportunities

Frank Auger, Novell: Compliance forces a sense of urgency,
which can force a healthy long term systemic approach.

Prakash Ramamurthy, Oracle: Compliance is now a budget
line item

Doug Simmons, Burton Group: Deployment strategy will be
influenced as much by regulatory issues as return-on-investment priorities

Identity Management as a Risk Management Tool

Enterprises must effectively deal with the ever-increasing threat of automated
intrusion from the outside and ethical compromise from the inside. Identity
Management must be an integral part of information security strategy, which
is largely an exercise in Risk Management.

Jamie Lewis, Burton Group: Risk Management is one of the
top five Identity Management Drivers

Scott Blackmer: The old worry was Big Brother. The
new worry is lots of Little Brothers – sharing data, losing data.

Dan Blum, Burton Group: We must raise the bar of software security so as
to reduce risk

Identity Services should be an Integral Part of Service Oriented Architectures

Service Oriented Architectures (SOA) are emerging to support business agility
and enable rapid change. Identity Management must be an integral part of such
architectures. All applications and systems must be Identity-enabled to ensure
security and regulatory compliance. Therefore, Identity functionality should
be delivered as Identity services within the SOA context.

Mike Neuenschwander, Burton Group: Service-oriented architecture
for Identity is a better approach than suites

Nick Nikols, Burton Group: Identity services are the set
of services that enable applications and other services to fully leverage
identity information … Identity services will facilitate the consumption
of identity by applications and services

Ken Weiss, Charles Schwab: Every resource, every application,
must be identity-enabled

Ann Thomas Manes, Burton Group: Use Identity-based security
throughout service oriented architectures



Comments Off on Catalyst 2005 – Prevailing Themes . Permalink . Trackback URL

Comments are closed.

Copyright © 2005-2016, Mark G. Dixon. All Rights Reserved.
Powered by WordPress.