Identity, Security & Me

My thoughts on just about anything

OpenID added

After moving my blog to its new location, I have started to look at how I can customise it and add functionality.

As an advocate of Identity Management and user-centric identity, I thought it only fitting that I add OpenID support as my first plugin. As a result, you will now find that in order to leave a comment on my blog you can either:

1) Register as normal
2) Use your OpenID.

This plugin is courtesy of Snaky and can be found here.

29 August 2006 Posted by Paul Toal | Identity, Security | | 1 Comment

Application-Centric IdM – Is this not already here?

Defining Application-Centric IdM

Whilst catching up with everyone’s feeds after my recent holiday, I came across this post by Nishant Kaushik of Oracle about Application-Centric IdM and its definition.

During his post he states:

“The idea is that instead of each application having to build these
infrastructures as part of their functionality, they can just avail of
them as ready made, standards-based services. Application-centric IdM
moves away from the traditional system management style of IdM,
focusing instead on the creation of an IdM infrastructure that
customers deploy to expose these services for their applications to
plug into their own business processes. It makes identity (and
security) an integral, yet abstracted part of the development process.”

I’m not sure I fully understand the difference between what he is describing as Application-Centric IdM and Enterprise IdM as we have known it for some time.

He seems to be saying that you abstract the IdM and security requirements of the application out into a separate, open-standards-based layer and then use this from within your application. To me, this is what your access management applications (a la SiteMinder, CoreID, Tivoli Access Manager etc) have been doing for years and what each of these vendors has further developed (mainly through acquisition) to encompass IdM as well (a la Identity Manager (CA), Identity Manager (Sun), Tivoli Identity Manager etc). Do these vendors not already provide the functionality that Nishant is referring to in this new term of Application-Centric IdM? Through the use of provisioning, it is already possible to manage application permissions from an abstracted and centralized platform.

I may have missed the point of Nishant’s post. If so, please feel free to correct me, but at the moment I’m not sure why there seems to be this new term for something that has been around for some time.

DON’T FORGET MY BLOG HAS NOW MOVED TO HTTP://BLOG.PDTOAL.COM

29 August 2006 Posted by Paul Toal | Identity, Security | | No Comments Yet

Gloria Gaynor does security

Gloria Gaynor and Security

Saw this great post by Emergent Chaos. It seems Gloria Gaynor now does security!

Excellent :-)

29 August 2006 Posted by Paul Toal | Uncategorized | | No Comments Yet

Giving an online Identity to the masses

Jason Kolb has recently been discussing here how the internet is forming an integral part of our lives. He further goes on to describe (here) his quite ingenious plan for giving out domain names to the masses. Not top-level domains as current internet-savvy people have, but sub-domains that the ordinary “Joe Public” can have. As Jason states:

“Obviously, it’s not feasible to expect the general public to pay $7.99
a year for something as abstract as a domain name.  The only way to
really make this happen, I realized, is to give them away.  However,
it’s not realistic to think that there’s any possible way to buy
everyone on earth a domain name.  The registration fees alone would
just be massive.  However, you can give away sub-domain names, for absolutely nothing.”

What a great idea Jason! I can’t believe that no-one has thought of this before but it does appear that you are the first.

Not only does this make sense to allow more people to gain their own “online presence” but also removes the problem of finding unique top-level domain names. I know this too well already. Recently, I have jumped on the domain name ownership list by deciding to host my own online presence. When I went looking for a domain name to use I tried the two obvious ones (well obvious to me):

www.toal.com
www.paultoal.com

Both were already registered. Therefore, as you will see if you are reading this, I ended up opting for

www.pdtoal.com

What Jason is doing is minimising this problem. However, how long before I can’t register paultoal.atmy.name or pdtoal.myidentity.name because someone else has got them? :-)

29 August 2006 Posted by Paul Toal | Identity | | No Comments Yet
