by Neil MacDonald | November 15, 2010 | Comments Off on You Don’t Have to Own Identity in Order to Consume Identity
I’m here this week in San Diego at Gartner’s Identity and Access Management Summit.
I’ve been associated with Gartner’s identity-related research from 1995 when I joined Gartner to cover Novell and directory services. I’ve atached identity change over the past 15 years. Directory services evolved into metadirectories which evolved into user provisioning which has evolved into IAM platforms, delivering a suite of identity-related services.
At this conference, the hot topics are the shift in focus to deliver identity intelligence, the shift from identity-as-a-product to identity-related services and the role of identity in emerging Cloud-based architectures.
I’ll be giving several presentations: one on the future of information security becoming context and identity-aware; one on the role of identity in next-generation virtualized data centers; and one on Microsoft’s IAM strategy.
On the first topic, I’ve talked before about the need for information security infrastructure to become identity-aware – able to assign policies to logical attributes such as the user’s identity, group, or role. This is a part of a broader shift to assign security policies to logical, not physical, attributes as increasingly we don’t the underlying physical servers and devices that our systems and information are processed on.
Why don’t security megavendors vendors like McAfee, Symantec, Cisco and others get into the IAM market? These vendors are smart in not getting distracted by the IAM business (different buying center, different mindset, lots of professional services). You can deliver identity-awareness without having to own the IAM systems. Most vendors simply tie into Active Directory and LDAP as a start and are evolving to support SAML and other claims formats.
You don’t have to own identity in order to consume identity.
Category: cloud-security microsoft-security security-of-applications-and-data virtualization-security
Tags: adaptive-security-infrastucture cloud-security information-security microsoft-security next-generation-security-infrastructure virtualization-security
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.