Posts Tagged ‘idm’
It’s time for another one of those posts where the purpose is to save me from repeating myself, and also hopefully seed some ideas into the industry. I take inspiration from my recent purchase of some Vibram Five Fingers, which I hope to review here another day. It boils down to this – I see […]
Filed under: identity, security | 1 Comment
Tags: account, audit, break glass, entitlements, idm, portal, provisioning, review, self service, service, system, technical
Identity Providers – the rest
This is my fourth and final post in a series looking at how federated identity has broken into the mainstream (I previously looked at Twitter, Google and Facebook). MyOpenID (JanRain) When I first needed an OpenID identity provider (IDP) this was the service that I was pointed to (thanks @psd). From a security perspective there’s […]
Filed under: blogging, could_do_better, identity | Leave a Comment
Tags: about.me, cardspace, federation, Flickr, google, Gravatar, identity, identity management, idm, information card, JanRain, Live, login, Microsoft, MyOpenID, OpenID, WordPress, WordPress.com, Yahoo!
Two wishes granted – an API for XACML, and OpenID from Google Apps. Wish three – strong(er) authentication for Google Apps to make SaaS more secure.
Filed under: identity, security | 1 Comment
Tags: directories, google, identity, idm, ldap, ldif, OpenID, saas, security, strong auth, strong authentication, twittergate, xacml
Persona – one year on
It seems that the term Persona is finally finding its way into common usage, and I’m encouraged by the recent posts by Nishant Kaushik and Mark Dixon.
Filed under: security | 2 Comments
Tags: digital identity, idm, llp, persona, security, trust
I promised a more detailed post about this in my previous one about ERM. This is not intended to be entitlements services 1-01, but there is some necessary preamble to set the scene. Somebody probably ought to write that tutorial, as web search and WikiPedia are unusually unhelpful in this area, but that’s not going […]
Filed under: security | 10 Comments
Tags: authorisation, authorization, directory, entitlements, identity, idm, ldap, ldif, pap, pdp, pep, xacml
This isn’t a post about consumer DRM, which I think has been covered well enough before by Cory and others (though some of the Bob=Carol issues still apply). Enterprises have a load of stuff that they need to (or are obliged to) protect. This is a post about the issues that I see with entitlements […]
Filed under: security | 8 Comments
Tags: ADL, cryptography, DLP, DRM, encryption, ERM, idm, PKI
Despite the lack of comments (yet) the post on persona has resulted in some good behind the scenes debate. Something that came out of this is that I agreed to post an illustration of how a legal entity fits into the persona illustration in order to effect the LLP concept: Sadly this still leaves us […]
Filed under: security | 5 Comments
Tags: identity, idm, llp, persona, security, trust
Persona
OK, it’s time for my first serious post, and it’s not about a brand of fertility monitor. Persona is a term that’s increasingly being used in conversations around digital identity, but it’s not one that I typically find to be well defined. The Wikipedia entry doesn’t help much, as it is about the more general […]
Filed under: security | 6 Comments
Tags: digital identity, idm, llp, persona, security, trust