Network World on Twitter Get our tweets and stay plugged in to networking news. An unhackable payment and ID managment system? Cisco Subnet blogger Jamey Heary has ventured into the land of science fiction to give you a glimpse if IT - and its security - in the year 2109 based on the science of today. Enterprise Provisioning vs. Federated Provisioning When last we spoke I left you thinking about deprovisioning both your people from apps you don't control or your apps from people you don't control. It's a big issue with software-as-a-service (SaaS) and federated provisioning. It was the Burton Group's Ian Glazer who said: "...there should be no reason why deprovsioning from an application like Salesforce.com is any harder than deprovisioning from LDAP." And, in truth, maybe it isn't. Provisioning and federation Federated provisioning is the topic, and the raging dispute about its pros and cons is today's subject. It started with the comment by Daniel Wakeman (CIO, Educational Testing Service), who said "It's a 'huge shortcoming' that SaaS [Software-as-a-Service] vendors do not embrace 'federated identity management' standards allowing centralized identification and validation of users via a single sign-on process..." The promise of provisioning Way back in the dark ages, 10 whole years ago, I first wrote about provisioning as the "killer app" for Identity Management. Actually, I called it the killer app for directory services, since the identity management tag hadn't yet been promulgated. In a piece I wrote for Novell's Web site (now, sadly, no longer available), I touted Business Layer's eProvision Employee application and talked about what was to come. Sometimes prognosticators are wrong. E-provisioning's dirty little secret It was just four years ago, that I was strolling through "Start-up City" at NetWorld+Interop Atlanta in 1999 and stumbled across a new company, Business Layers, touting a brand new application called "eProvision Employee." I was intrigued, and I had a few minutes to kill. I fell in love. Here was the application that could finally bring directory services and identity management into the mainstream. Provisioning/de-provisioning in the education sector I'm at the Catalyst Conference in San Diego this week - say "Hi!" if you see me wondering the halls - but the news from the show will have to wait until next week's newsletters. Today I want to finish something I touched on recently - provisioning/de-provisioning in the education sector. Provisioning/deprovisioning problematic for a third of organizations Every time we think we've finally gotten a handle on the user provisioning/deprovisioning issue something comes along to disabuse us of that notion. In this case it's the results of a survey of attendees at last spring's Directory Experts Conference (DEC) put on by NetPro. Who goes there? Identity management is all about who you are and what you should be allowed to do. This Product Guide describes the technology and how it works. Three months, three breaches at Florida university For the second time in three months, the University of Florida in Gainesville has acknowledged a major data breach -- and a statement posted on the University's Web site indicates that there was a third, less public, breach discovered by the school during the same period. February giveaways from Cisco Subnet and Microsoft Subnet Up for grabs: One American Express gift card worth $250 from Global Knowledge; One Microsoft training course worth $2,995 from Global Knowledge; 15 copies each of the hot book titles Voice over IP Security, and CCNA Wireless Official Exam Certification Guide and 15 copies of Exchange Server 2007 How-To: Real Solutions for Exchange Server 2007 SP1 Administrators. Get all the entry details here. |
No comments:
Post a Comment