by Ian Glazer | January 13, 2011 | 2 Comments
I’m a provisioning guy; it was the way I was raised in the world of identity management. And being a provisioning guy my take on how people are enabled to execute business transactions looks like this: Write a provisioning policy such as people in department 10 get LDAP group Q Enforce that policy – give [...]
Category: Provisioning Tags: access governance, federated provisioning, fga, fine-grained authorization, iag, policy, Provisioning, wam
by Ian Glazer | July 20, 2010 | 8 Comments
Yesterday, I delivered the keynote to a federated attribute-based access control (ABAC) symposium. For those of you keeping score at home this is the 3rd of *BAC approaches for authorizing individuals. The 1st *BAC, IBAC – identity-based access control – was essentially so trivial that it never got any good marketing*. The 2nd, RBAC – [...]
Category: Identity Management Market Tags: #cat10, #fedabac, abac, federation, fga, idm
by Ian Glazer | May 18, 2010 | Comments Off
After much effort, our Identity Management Market Profile 2010 has shipped. For those of you not familiar with Burton Group market profiles, we take a market, apply our patent-pending compression algorithm, and crush the market down to 20 or so pages. Now as you can imagine, squishing a multi-billion dollar market down to a handful [...]
Comments Off
Category: Identity Management Market Tags: cloud, eID, esso, fga, idm, provisioniong, role management, wam
by Ian Glazer | May 13, 2009 | Comments Off
Ian Yip’s take on access management versus entitlement management can be partially summed up with this equation: Entitlement management is simply fine-grained authorisation + XACML I have four problems with this. First, definitions that include a protocol are worrisome as they can overly restrict the definition. For example, if I defined federation as authentication via SAML, [...]
Comments Off
Category: Identity and Access Governance Tags: entitlement management, fga, fine-grained authorization, iag
