Sunday, August 2, 2009

Identity Managment In A World WIthout Fences


In 2008, I gave a talk at The Fairmont at The Open Group's Conference in San Francisco.

The title of the talk was

"Identity Management In A World Without Fences."




As noted above, in 45 minutes, I discussed three topics.



The above slide barely touches the numerous standards that become involved with Identity Management when the fences start coming down. These fences started to come down in a significant way when Sun Microsystems led the Liberty Alliance effort.

The vision statement on the Liberty Alliance Project firmly set the stage for the network identity on the web:

"The vision of Liberty Alliance is to enable a networked world based on open standards where consumers, citizens, businesses and governments can more easily conduct online transactions while protecting the privacy and security of identity information. This world, where devices and identities of all kinds are linked by federation and protected by universal strong authentication, is being built today with Liberty’s open identity standards, business and deployment guidelines and best practices for managing privacy."

XACML is and will be a very important standard and why you see that I highlighted on the slide above.




Since my good friend Dr. Scott Radeztsky was attending the conference I felt the need to tie in Quantum Mechanics to this talk since Scott's Ph.D. is in particle physics. I also felt the need to create a corollary to Werner Heisenberg's Uncertainty Principle

The first bullet above is my attempt to create this corollary what I stated:

"It is impossible to predict both the method a developer will take in solving a problem and the many different ways that end users will want to use software. "


The slide above is my summary slide. The slide is self explanatory except possibly for the ABAC. ABAC is Attribute Based Access Control. The real key point for this talk is that security is in the message and the context/security level of the message can change while in transit with today's composite applications.

The final four bullets are beliefs that I have had that have stood the test of time.

Oh yea, after I totally customized my talk around Quantum Mechanics and Identity Managment, Scott Radeztsky blows off my talk :-)