 |
Low Rate eCommerce & Retail Plans
Click Here for
fast and easy setup |
| Recent
Articles |
Gartner Warns Firms On Google Desktop
The research company thinks that corporations should utilize the Enterprise version
of Google Desktop if they permit the product in their operations.
Google BearingPoint For Search Services
A partnership of Google and BearingPoint means corporate purchasers of Google's
hardware can contract for assistance installing and configuring Google for the
enterprise.
Kim Turns Microsoft Toward Open Source?
Kim Cameron, what are you doing (he
just announced that he got Microsoft's InfoCards working on WordPress and PHP
and is having a conversation with lots of people in the community)?
French
Police: Firefox Oui, IE Non
The French Police Force has chosen to replace installations of Internet Explorer
on its network with the open source Firefox browser. Firefox
and its mail client...
Sorry,
Microsoft; ODF Lives On In Mass.
Surprise, surprise. Massachusetts Governor Mitt Romney appointed a successor to
the departed CIO of the state's Information Technology Division...
AMD Can Subpoena Firms For Intel Suit
Third parties that received subpoenas from AMD for its antitrust case against
Intel had been reluctant to comply, citing non-disclosure agreements with Intel.
US District Court Judge Joseph J. Farnan Jr ruled...
Opportunities
2006 - Usefulness
2006 is going to be a year where the creators of web technology have the opportunity
to make their services better in terms of integration, usability, and usefulness.
Your
Next Job Depends On Google
It's not who you know that will get you the next cushy corporate job, but what
you know, and that 'what' is everyone's favorite search advertising company...
Are
Bloggers In Legal Jeopardy?
So let me get this straight: if someone annoys me online, via a web site or in
an email, and doesn't disclose their real name, I can have them hauled off to
SuperMax?
|
|
03.06.06
CIO Enterprise Identity Project Approaches
 By
Bill Brant
The Enterprise Identity Management project is all about automating business processes
and synchronizing identity-related information across the enterprise.
Why do we need Identity Management?
Identity management is necessary to support a strong and flexible security framework. Most system and data vulnerabilities come from improperly managed rights and entitlements. Many companies do not have the necessary identity-related security implementations to adequately control access to services, devices, applications, and data. Properly securing an enterprise today means implementing automated processes and procedures for granting and revoking access to company resources. Intelligent identity management implementation will provide staff with the means to control, enforce, and monitor access to company resources. Additional benefits include access to monitoring and providing a proof of compliance to Sarbanes-Oxley auditors.
Identity Related Access
Control of employee, supplier, and partner access can be far from perfect. Terminated contractors and employees may have access to company resources long after they have officially left the company. Access credentials that employees and contractors need in order to perform their normal tasks are frequently so numerous that they write down their access codes and store them in or near their workspace. Securing the enterprise means providing a process or framework to synchronize employee, supplier, and partner identities across all systems. An intelligent identity management system provides the means to achieve a high degree of security and a secure trust level while allowing employees, suppliers, and business partners to access company resources.
Best Approach to Identity Management
The best approach for an intelligent identity management framework is an open
system approach, which uses standardized, readily available commercial components.
The open system approach creates an environment that is adaptable and enables
the company to respond quickly to rapidly changing business environments. The
approach also provides a framework in which individual components can be replaced,
maintained, or upgraded on demand with minimal or no impact to the overall system.
Additional benefits are achieved by reducing reliance on any one vendor or technology,
and this provides a buffer against technological change and vendor consolidation.
This approach allows the framework and methodology to reduce the risk associated
with implementing or changing components.
Low
Rate eCommerce & Retail Plans
Click Here for
fast and easy setup |
|
Implementation Methodologies
Considering the required cost and complexity of integrating identity repositories in the enterprise, an open flexible system that reuses readily available components is an ideal solution to a very complex problem. Identity-related processes require communication between technologically diverse identity repositories, applications, and processes. Each application and identity repository is designed for a specific purpose and not necessarily designed to integrate with other solutions. However, achieving the desired goal of integrating these technologically diverse repositories with ongoing business processes is a difficult and complex issue. The ideal solution is to integrate the applications, identity repository, and business process by using a common, robust, and scalable transport to exchange information. Enabling applications, a legacy system, and a business process to exchange information in a common and reliable manner is a necessity to meet long-term business needs. This technology must provide for guaranteed data delivery, regardless of network changes or outages, and it must also provide a level of abstraction from diverse identity repositories and processes.
Service Oriented Architectures (SOA)
With the increasing acceptance and reliance on SOA (Service-Oriented Architectures), Web Services, Middleware Messaging, and Database solutions, these items are being adopted in many enterprises and are becoming a common component of numerous business enterprises.
Web Services?
The loosely coupled nature of Web Services provides a flexible, component-based,
open, extensible, and reusable solution. Web services also enable platform and
application-independent communication methods of exchanging information over HTTP.
However, if there are unexpected network connectivity issues, does the client
have a mechanism to guarantee that any and all data will be delivered to the Web
service? No matter how good your network is, there will always be a chance that
critical data can be lost owing to a variety of reasons. Web services by themselves
cannot provide the necessary guaranteed data delivery service that is required
for today's demanding business environments. On their own, Web Services have no
standardized mechanism to provide a guaranteed data delivery service when network
outages occur unless the application is specifically designed and developed with
a guaranteed data delivery mechanism.
Read
the Full Article
About
the Author:
EAI SIM Solutions was founded by Bill Brant. EAI SIM Solutions can help you implement
flexible extensible Identity Management solutions, enabling you to enforce strong
processes to enhance internal security and accountability throughout the enterprise.
|
|
