NETWORK WORLD NEWSLETTER: DAVE KEARNS ON IDENTITY MANAGEMENT
08/17/05
Today's focus: Summer reading: Corporate policies for handling
ID data
Dear security.world@gmail.com,
In this issue:
* Identity management book recommendation
* Links related to Identity Management
* Featured reader resource
_______________________________________________________________
This newsletter is sponsored by HP
Is password management, user management, implementing single
sign-on or sustaining compliance without going broke causing you
to lose sleep? Manage identities and passwords, mitigate audit
risk, establish a strong privacy compliance management system
and centrally track transactions with HP's identity management
solution. Learn how -- download a whitepaper now.
http://www.fattail.com/redir/redirect.asp?CID=110154
_______________________________________________________________
MOBILE MANAGEMENT
Should companies strictly control employee use of mobile
devices? Employees are finding more ingenious ways to use mobile
devices to stay connected, access important data and communicate
more effectively. But there are increased security risks. This
NW Face Off gives you both sides of the debate. Click here:
http://www.fattail.com/redir/redirect.asp?CID=110079
_______________________________________________________________
Today's focus: Summer reading: Corporate policies for handling
ID data
By Dave Kearns
Phil Windley is an associate professor of Computer Science at
Brigham Young University. Prior to that, from 2001 to 2002 he
served as the CIO for the State of Utah, responsible for
effective use of all IT resources in the state. One of the
courses he teaches at BYU is on "digital identity" which,
coincidentally (or not) is the name of the book he recently
authored <http://www.oreilly.com/catalog/digidentity/> for
O'Reilly and Associates.
You can read chapter 13, "An Architecture for Digital Identity,"
online at the O'Reilly site but buying the entire book is
better. Still, here's a tiny taste of what's in store for you.
In talking about how most identity projects happen, Windley
says: "The systems are thrown into place with little thought to
standards or interoperability. Solving the problem of the day,
week, or month becomes standard operating procedure. The end
result is a tangled mess of systems that are brittle and
unreliable. Heroic efforts are required to make small changes or
even keep the systems running day to day." Sound familiar?
Within the book, Windley also suggests corporate policies for
handling identity data. He's now posted sample policies online
<http://www.windley.com/identity-policy/> - you'll find
policies covering:
* Naming and Certificates
* Passwords
* Encryption and Digital Signatures
* Directories
* Privacy
* Authentication
* Access Control
* Provisioning
* Federation
* Data Confidentiality Agreements
Windley's writings are always thoughtful, frequently
thought-provoking and occasionally simply provoking (see
"Identity Rights Agreements"
<http://www.windley.com/archives/2005/08/identity_rights.shtml>
) and this book is all of the above. The table of contents (read
the expanded version on the O'Reilly Web site) features these
chapters:
1. Introduction
2. Defining Digital Identity
3. Trust
4. Privacy and Identity
5. The Digital Identity Lifecycle
6. Integrity, Non-Repudiation, and Confidentiality
7. Authentication
8. Access Control
9. Names and Directories
10. Digital Rights Management
11. Interoperability Standards
12. Federating Identity
13. An Architecture for Digital Identity
14. Governance and Business Modeling
15. Identity Maturity Models and Process Architectures
16. Identity Data Architectures
17. Interoperability Frameworks for Identity
18. Identity Policies
19. Identity Management Reference Architectures
20. Building an Identity Management Architecture
There's a lot I could say in praise of this work, but probably
the best thing is that this is a book I wish I had written. Read
it.
The top 5: Today's most-read stories
1. Cisco to juice 6500 switch
<http://www.networkworld.com/nldsv5296>
2. Google goes berserk
<http://www.networkworld.com/nldsv5297>
3. Test: CipherTrust tops encryption field
<http://www.networkworld.com/nldsv5298>
4. IT staff shortage looming
<http://www.networkworld.com/nldsv5299>
5. Cisco to double Catalyst 6500 switch capacity in coming
months, report says
<http://www.networkworld.com/nldsv5032>
Today's most-forwarded story:
Cisco to juice 6500 switch
<http://www.networkworld.com/nldsv5300>
_______________________________________________________________
To contact: Dave Kearns
Dave Kearns is a writer and consultant in Silicon Valley. He's
written a number of books including the (sadly) now out of print
"Peter Norton's Complete Guide to Networks." His musings can be
found at Virtual Quill <http://www.vquill.com/>.
Kearns is the author of three Network World Newsletters: Windows
Networking Tips, Novell NetWare Tips, and Identity Management.
Comments about these newsletters should be sent to him at these
respective addresses: <mailto:windows@vquill.com>,
<mailto:netware@vquill.com>, <mailto:identity@vquill.com>.
Kearns provides content services to network vendors: books,
manuals, white papers, lectures and seminars, marketing,
technical marketing and support documents. Virtual Quill
provides "words to sell by..." Find out more by e-mail at
<mailto:info@vquill.com>
_______________________________________________________________
This newsletter is sponsored by HP
Is password management, user management, implementing single
sign-on or sustaining compliance without going broke causing you
to lose sleep? Manage identities and passwords, mitigate audit
risk, establish a strong privacy compliance management system
and centrally track transactions with HP's identity management
solution. Learn how -- download a whitepaper now.
http://www.fattail.com/redir/redirect.asp?CID=110156
_______________________________________________________________
ARCHIVE LINKS
Archive of the Identity Management newsletter:
http://www.networkworld.com/newsletters/dir/index.html
_______________________________________________________________
Panel Of Experts Discuss Managed Network Services
Discover how managed services can fit comfortably into your
overall sourcing strategies. And learn how deploying managed
services allows you to focus on core business, minimize
investment risk, improve reliability, and more. Go now.
http://www.fattail.com/redir/redirect.asp?CID=110122
_______________________________________________________________
FEATURED READER RESOURCE
WIRELESS LANS BUYER'S GUIDE: THE GOODS ON 185 PRODUCTS
We've compiled the largest buyer's guide ever on wireless LAN
equipment. Whether you're looking for an access point, PC Card
or trying to decide between 802.11a, b or g, take a look at the
information that vendors have provided us. We've got the goods
on 185 products. Click here for more:
<http://www.networkworld.com/bg/wlan/index.jsp>
_______________________________________________________________
May We Send You a Free Print Subscription?
You've got the technology snapshot of your choice delivered
at your fingertips each day. Now, extend your knowledge by
receiving 51 FREE issues to our print publication. Apply
today at http://www.subscribenw.com/nl2
International subscribers click here:
http://nww1.com/go/circ_promo.html
_______________________________________________________________
SUBSCRIPTION SERVICES
To subscribe or unsubscribe to any Network World e-mail
newsletters, go to:
<http://www.nwwsubscribe.com/Changes.aspx>
To change your e-mail address, go to:
<http://www.nwwsubscribe.com/ChangeMail.aspx>
Subscription questions? Contact Customer Service by replying to
this message.
This message was sent to: security.world@gmail.com
Please use this address when modifying your subscription.
_______________________________________________________________
Have editorial comments? Write Jeff Caruso, Newsletter Editor,
at: <mailto:jcaruso@nww.com>
Inquiries to: NL Customer Service, Network World, Inc., 118
Turnpike Road, Southborough, MA 01772
For advertising information, write Kevin Normandeau, V.P. of
Online Development, at: <mailto:sponsorships@nwfusion.com>
Copyright Network World, Inc., 2005
No comments:
Post a Comment