Thursday, November 23, 2006


Identity Management and Fine-Grained Access Control

Over the last several months, I have been savage in blogging on the topic of XACML. Likewise, I have been equally frustrated with industry analysts who are so caught up in the over-hyped problem space of identity management that they can't see the forest for the trees...

Identity Management and the tools in this space are simply not enough. While I understand that it will take most enterprises years to get a handle on the basics, you need to understand that once you are done, you are not done. You need to start asking yourself what are folks such as Mark Dixon, Pat Patterson, Kim Cameron and others not talking about?

The conversation in terms of the Liberty Alliance is tired and no longer adds value. Identity management is sold to large enterprises under the guise of compliance with Sarbanes-Oxley yet provides little business enablement. If you are a culture that has embraced the notion of rationalization, and are in pursuit of eliminating functional redundancies, you also haven't thought crisply about your own enterprise.

Finding redundancies is not just a problem-space of taking the notion of Business Architecture but also includes finding redundancies in terms of other aspects within the enterprise. If you dig deeper, you may find that you also need to rationalize the way security is applied throughout the enterprise.

Ask yourself: if you use any of the current web access management products that simply don't work on non-URL architectures such as SOA, will you be duplicating your security model while thinking you are making things better? Do the industry thought leaders on identity have any vested interest in guiding you to eliminate redundancies within your security approach, or are they motivated by simply uncovering problem-spaces that result in yet more products being added to the enterprise?

I can say that at least I am not alone in discussing this problem-space within the blogosphere. You should also check out Shekhar Jha, who works for one of the premier consulting firms in this space.

Anyway, the one real 100% unbiased industry analyst, Jon Udell, at least is starting to talk about the problem ahead of the other so-called analyst firms. Check out this podcast between Jon and Rajiv Gupta, CEO of Securent.

Hopefully, since Rajiv is starting the conversation, we could also get folks from BEA, Jericho Systems, Identity Engines, Pega, Documentum, Alfresco, EMC, JBoss, Liferay, ServiceMix, IBM, Oracle and Vordel to not only amplify this type of discussion but to also openly blog on how they align with it...
