1 / 4

Do We Really Need More ID related Standards?

Do We Really Need More ID related Standards?. www.KeyPairTech.com. Where are we now?. Technology/mechanism. Solutions/Vendors. ID Management. Password OTP – RSA, OATH Smart Card/ Certificate Biometrics Cookie/Session Id Kerberos Ticket Card Space, STS SAML 1.0, 1.1, 2.0

xia
Download Presentation

Do We Really Need More ID related Standards?

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Do We Really Need More ID related Standards? www.KeyPairTech.com

  2. Where are we now? Technology/mechanism Solutions/Vendors ID Management • Password • OTP – RSA, OATH • Smart Card/ Certificate • Biometrics • Cookie/Session Id • Kerberos Ticket • Card Space, STS • SAML 1.0, 1.1, 2.0 • OpenID, GoogleID, • YahooID, LiveID, etc • MAC, IP Authentication • Workflows • Life cycle management of different credentials and tokens • M & A causes tremendous problems • Rip & Replace – WILL NOT WORK • Change is very very ... hard – if not impossible • Microsoft • Sun, IBM • Oracle, CA • Novell • EMC/RSA • Upek, Precise Biometrics • Ping Identity • Yahoo, Google, AOL • Activ Identity, Gemalto • Open Source Software Key Pair Technologies: IDTrust 2009

  3. What has been our response? • Customer you need: <password, OTP, X509, SAML vX, etc> for this service • Customers don’t understand why this need this here versus something different elsewhere • Enterprises has invested in infrastructure which are not flexible – change in algorithm – wait for a new version of this product, BTW, you will need the rest of this kitchen sink • Technologies talk technology, Sales and CxOs talk Value. Both are right and both don’t connect – you do your thing, I will do mine. Where is the MBA course on selling technology to non-technical business folks. Note that the ultimate customer is non-tech person. • Regulation is seen by CxOs as a pain and expense and not as how it saving them money or making them more secure, etc. Identity is the main driver for Regulations today. Key Pair Technologies: IDTrust 2009

  4. Next Steps [1] http://middleware.internet2.edu/idtrust/2009/slides/05-neumann-context.pdf Develop a Vision for IDentity1 Develop lessons learnt from developing and deploying each of these ID technologies Now we can think about more ID related Standards if they don’t address needs, but, also develop a deployment and migration plan I am very interested in this topic. You can contact me: shivaram@KeyPairTech.com Key Pair Technologies: IDTrust 2009

More Related