Public Webcast – Identity Enables Mobility with Security: Identity Centric Architecture aligning SOA with Next Generation Networking …

I’d like to create awareness about a potentially interesting webcast, on August 29 (“Identity Enables Mobility with Security: ICA aligning SOA with NGN”), by Rakesh Radhakrishnan (Sun Microsystems):

“Rakesh Radhakrishnan (http://www.identity.futuretext.com/), an IT architect with Sun, joins us to present the second in a series of webcasts exploring the intersection of Identity Management with SOA. Based on experiences Rakesh has had working in the teleco sector, Rakesh will explore the strategic significance, market requirements and all the potential possibilities of leveraging Standards based Identity Systems for an Enterprise IT environment (& Enterprise Architecture) and Telecommunication environment to provide a pragmatic view for the future in network convergence and converged services based on Service Oriented Architecture. Specific topics included will be:

• Overview (Identity for SOA and NGN)
• Identity for Sensor Networks
• Identity for Programmable Networks
• Identity for IMS
• Identity for OAM
• Identity for NGN IN
• Identity for Web Services/ESB
• Identity for Content/DRM
• Identity for Devices
• Identity for Enterprise Networks
• Identity for Storage and ILM”

More information about this webcast, along with details about (free) registration can be found here.

--- NOTE: use this mirror blog to post anonymous (un-authenticated) comments ---

Digital Identity Survey: Identity Authentication …

The identity management community might be interested in taking this survey - “Digital Identity Survey: Identity Authentication”:

“This survey is intended to evaluate individuals' views and opinions on digital identities, specifically in terms of methods of authenticating one's identity. It should take approximately 15-20 minutes. The results will allow us to guide researchers as they design and implement digital identity management technologies. All information collected in this study will be completely anonymous and kept strictly confidential. Data will be stored securely and made available only to the research team, managed by Dr. Annie Antón and Dr. Julie Earp from North Carolina State University. This research is funded by NSF ITR grant #0428554 jointly with Purdue CERIAS.”

--- NOTE: use this mirror blog to post anonymous (un-authenticated) comments ---

“Content-Aware Access Control” and Enterprise Web 2.0…

Web 2.0 is eventually going to have an impact on Enterprises, at least in terms of collaborative tools. Employees, familiar with Web 2.0 mash-up tools, social network tools, etc., (because they use them in their “private lives” …) will gradually find these tools (and related approaches) more and more relevant and useful also in their day-to-day work, in organising their information, generating content and sharing it with other colleagues. This will have an impact on enterprise collaborative solutions. It is already happening …

However, collecting and organising information within enterprises is subject to business rules, security and privacy constraints. Depending on the level of confidentiality, people’s roles and current stages of business activities (e.g. a Merge & Acquisition process, a security/audit review, a product development, etc.), different “views” and “perspectives” on information need to be provided to different employees for specific reasons. Generated and collected information can be unstructured or only partially structured.

Whilst collaborative and mash-up tools on the web might only need simple access control (or no security at all), a quite different story applies for enterprises. These tools and solutions needs to be “adapted” and re-thought in an Enterprise context.

I am still looking for additional use cases and business cases for Identity 2.0 in enterprises (see here and here …): however I think that there is an opportunity and a role for “Content-Aware Access Policies” and “Content-Aware Access Control” for Web 2.0 collaborative solutions in enterprises.

Content-Aware Access Policies define fine-grained access control constraints on information (for example collected in enterprise collaborative/mash-up tools), by keeping into account different types of content, its actual content and contextual parameters (users, their role, system information, etc.). They reflect business, security and privacy constraints directly on valuable information and content. Part of these policies can be defined directly by people (employees) generating “content” and coupled to this content. In this scenario, the definition of access policies becomes itself the result of social/collaborative networks (in enterprise contexts).

Content-Aware Access Control is driven by these policies: it is not only about allowing (or denying) access to a piece of information (as a whole entity), but can provide fine-grained views and perspectives on this information by processing and manipulating the content.

I think there is an opportunity in exploring models and criteria to express these policies and enforce them with “appropriate” access control systems – by leveraging and extending existing Web 2.0 collaborative solutions. I am very interested in knowing your views and comments on this.

--- NOTE: use this mirror blog to post anonymous (un-authenticated) comments ---

An Identity Management Survey for the Financial Sector …

I came across this article by ITWeb (South Africa), called “ID Management Survey call for entries”, highlighting the fact that “The Tshwane University of Technology has constructed an identity management survey, and is inviting public participation to aid with its research”.

The identity management Community might be interested in contributing to this survey. NOTE: I didn’t find any link form this University to the survey web site, but the survey site provides some contacts to ask questions to.

The article says that “The faculty of ICT aims to use the results of the survey to develop a generic implementation model for identity management in the financial sector.” The survey web site also says that “This will help identify to what extent different organisations agree on what identity management entails, as well as what the requirements are for implementing an identity management solution”.

--- NOTE: use this mirror blog to post anonymous (un-authenticated) comments ---