Sun's Chief Identity Officer of the North America Software Line of Business Mark Dixon describes eleven major trends in Identity Management for 2010. In a summary blog, Dixon highlights each of these trends, which he further expounds upon in separate entries. Below is the summary list with links to the more detailed entries:
Market Maturity
The Identity Management market is maturing. Much focus is being given to best practices of how to maximize enterprises’ investment in these systems. Rather than focusing on greenfield Identity implementations, enterprises are concentrating on system expansion or replacement. The industry continues to consolidate, as we at Sun are well aware.
Authentication
Demand for strong authentication is growing as enterprises and government agencies seek to deter cybercrime. While some have predicted the “death of the password”, the widespread use of UserID/Password as the predominant method for authentication will most likely not go away until we see wide adoption of alternate authentication methods that are both secure and easy to use.
Authorization
Fine-grained authorization is increasingly desirable but difficult to implement. Policy management standards (e.g. XACML) are also desirable, but not in broad production. Complexity in adapting applications to take advantage of standard authorization methods will continue to delay adoption.
Identity Assurance
Answering the question “are you really whom you claim to be?” prior to the issuance of Identity credentials continues to be a thorny problem, but is increasingly important in the ongoing battle against fraud. The Liberty Alliance Identity Assurance Framework provides a valuable industry model that defines four levels of assurance, based on confidence in the validity of asserted identities and the potential impact of errors.
Roles and Attributes
There is a growing acceptance of role-based access control in production systems. Governance of the role definition and maintenance process, linked to governance of the Identity Provisioning governance process, is essential. Enterprises are discovering that the use of roles is potentially broader than RBAC, including use of data analytics to evaluate the effectiveness of organizations. The use of attribute-based authentication is being hailed in some markets, particularly the public sector, as an alternative to RBAC. However, a blended approach may be the best solution.
Identity Federation
In some ways, Identity Federation is a given. SAML is broadly used as a standard protocol and successful business models have been implemented. However, broader adoption is often difficult because business challenges are larger than technology challenges. Burning questions swirl around the challenges of using federation in cloud computing.
Regulation
Government regulations (e.g. SOX, HIPAA/HITECH), which primarily address governance, security and privacy issues, will continue to expand, both on national and state/province levels. For example, the HITECH Act, which became law earlier this year, expanded HIPAA security and privacy regulations to address business partners, and added security breach notification to the national statute. At the same time, industry-driven regulations such as PCI DSS also impose stringent requirements on online merchants. In all these areas, Identity is a critical enabler for compliance.
Personalization and Context
Personalization can enhance the value of online user experience. Both identity and context are essential for personalization. Concepts such as “persona selection” and the “purpose-driven web” focus on enriching user experience by blending identity and context.
Identity Analytics
Advanced data analytics will bring value to many identity-based activities such as Authentication (historical “fingerprints” based on your patterns of accessing online resources), Context/Purpose (predicting preferences from your historical activity) and Auditing (who really did what when?).
Internet Identity
Identity systems for the Internet must efficiently accommodate billions of individual Identities. User-centric or user-managed Identity technologies such as Infocard/Cardspace and OpenID are trying to address the inherent tension between security and ease-of-use requirements. Commercial Identity providers are emerging, including the likes of Facebook, Google, Yahoo, PayPal, Equifax and others, both in public and private sectors.
Identity in the Cloud
Identity as a Service (IDaaS) is a critical foundation for Cloud Computing. A number of IDaaS companies are emerging to address this specific need. One of the main barriers to effectively implementing Identity in the cloud is the increased complexity of having to establish effective trust relationships between enterprises and service providers, while protecting the security and privacy requirements imposed by customers and regulations.
As of this writing, Dixon had not posted his final entry in this series on Identity Management trends. Check the Discovering Identity blog for his complete thoughts on Identity in the Cloud, which should be added soon.