So another player in the identity market has been absorbed. HP
is acquiring Trustgenix Reading Andre’s blog entry on this subject got me a nostalgic. Maybe its the season. Maybe its the leftover turkey’s tryptophan.
Being part of the 1st generation of user provisioning tools in the market, and having been acquired by a “suite” vendor, I’ve had a ringside seat to watch the industry expand and contract. There was the first wave of expansion with Access360, Business Layers, Waveset, BMC for provisioning and Oblix, Netegrity, Securant, DASCOM, Entegrity for web access control. There was Courion and M-Tech for password management. Among the meta-directory group you had iPlanet, Novell, Siemens, Zoomit. OctectString and RadiantLogic were there for virtual directory services. Then there was the first major market contraction. The bubble had burst. We had blown through our cash. The dreams we had of making a squillion dollars vanished… now we had to actually work for our money. In this first major contraction, we saw CA eat Netegrity who ate Business Layers. IBM swallowed Access360, DASCOM, and Metamerge while Sun consumed Waveset. RSA bought Securant. Microsoft got Zoomit. Oracle bought Oblix and, recently, Thor and OctectString. (The ink has barely dried on this one but I consider the tail end of the first market contraction.) Continue reading "Looking back to look forward: Thoughts on HP acquiring of Trustgenix"...
Bruce Schneier posted an essay he wrote on Surveillance and Oversight over on his blog. He compares the FBI’s actions over a potential terrorist threat during Christmas 2003 to the response to a potential riot by the Rotterdam police force. He illustrates how the FBI’s lack of judicial oversight coupled with FISA warrants and national security letters leads to its ability to consume massive amounts of data about people without their consent and knowledge.
I used to say, it didn’t really matter what the government collected about me as I wasn’t that interesting. But at some point, something just snapped inside, and I have become fiercely protective of my data and distrustful of the government’s ability to do the right thing with that data. I am still not that interesting, but that doesn’t mean I want the FBI hoovering up bits of me from hotels, credit card companies, airlines, and libraries.
Okay so we don’t have an explicit Constitutional right to privacy. The Supreme Court’s ruling have help establish privacy as a basic human right. We certainly don’t have an explicit Constitutional right to anonymity. Yes, there are cases around various aspects of anonymity, but nothing overly definitive and nothing explicit. It would be interesting for someone to write a history of anonymity. I’d love to see a time-line of when we lost our ability to be anonymous citizens, tourists, and customers. Continue reading "Why I don’t travel for major holidays or How the FBI stole Christmas (and our privacy)"...
I was thinking about the role management panel at Digital ID World in New York this weekend. My first reaction to the panel discussion, which consisted of BearingPoint, Prodigen, Bridgestream, and Thor, was that roles are finally growing up. The idea that roles require lifecycle management just as identities do is, at first, a little shocking but then makes a great deal of sense. Working in the enterprise provisioning market for years, I got used to hearing how hard it was to complete a role deployment. At the same time you had Burton Group and others professing the value of roles. Customers were fighting both the difficulties in deploying identity management solutions as well as the difficulties in understand and leveraging roles. As the industry provided better automation for the provisioning problem, we saw deployment times go down. But, roles were still tough to deal with. We are now seeing tools to help truly automated the role lifecycle management problem.
One of the points that was agreed upon by the panel members was that business roles are separate from IT roles. Who I am in a company is very different than my privilege sets in target systems. Some provisioning products attempt to make this distinction. By elevating roles to a discipline that truly needs its own tooling, we will be able to manage that distinction far better than we can today. I do wonder if potential customers will still look at roles as too difficult and not address them appropriately. “Roles are hard. See… they have to have tools to deal with them,” I can hear a potential buyer say. To this, I often respond with a wink, “IT would be simple if we didn’t have end-users.” Continue reading "Attack of the YAMS: Thoughts on the Role Management Panel at Digital ID World"...