NETWORK WORLD NEWSLETTER: DAVE KEARNS ON IDENTITY MANAGEMENT 08/18/04 Today's focus: Calling for a policy access protocol
Dear [EMAIL PROTECTED], In this issue: * Why policy datastores would benefit from a protocol for ��accessing policies * Links related to Identity Management * Featured reader resource _______________________________________________________________ This newsletter is sponsored by Oracle An Economist Intelligence Unit White Paper: From Grid to Great? Grid computing is breaking out. Familiar mostly to academics, government groups, and scientific researchers, this technology that links together the power of diverse computers to create powerful, fast and flexible systems is beginning to catch on in the corporate world. Included in this white paper, results and interviews from a global survey among Sr Executives, click to download now http://www.fattail.com/redir/redirect.asp?CID=72606 _______________________________________________________________ CHECK OUT NW FUSION'S NEW WHITE PAPER LIBRARY Just launched: NW Fusion's White Paper Library with new features and improved capabilities! Sort NW Fusion's library of white papers by Date and Vendor, view white papers by TECHNICAL CATEGORY, mouse over white paper descriptions and take advantage of our IMPROVED white paper search engine. CLICK HERE: http://www.fattail.com/redir/redirect.asp?CID=72525 _______________________________________________________________ Today's focus: Calling for a policy access protocol By Dave Kearns Last time, I mentioned that I recently spent time talking to MaXware Director of Worldwide Marketing Ira Horowitz about the company's identity management and directory services products. I talked about the newest - Dynamic Identity Store - last month in the roundup of Catalyst announcements, and Horowitz wanted to be sure I understood exactly how it worked. He showed lots of what looked like modern day Venn diagrams ( <http://www.venndiagram.com/> ) explaining the interconnecting and overlapping nature of the various parts of identity management. But he really wanted to talk about the other new release from MaXware, Virtual Policy Server (VPS). I mentioned VPS last month ( <http://www.nwfusion.com/newsletters/dir/2004/0719id2.html> ) as a proposed engine that does for policies what the original MaXware product - Virtual Directory Server - did for identities. Namely, it consolidates policies not into a central repository but through pointers to the original policies used to read the up-to-the-minute policy when it is needed. What I neglected to mention at that time was that using VPS - which would make network, service, application and user management much easier - was going to require some changes in the way applications are written. Specifically, in order to use VPS, applications and services will need to be aware of it and use the freely available API from MaXware to take advantage of it. Now when Microsoft publishes a new API (such as, for example, the .Net initiative for Web services), everyone - independent software vendors, corporate programmers and others - immediately take notice and try to, first, accommodate the new interface and then leverage it. But MaXware is no Microsoft in terms of clout, not even in the small pond of identity management vendors, which is, of course, a pond full of piranhas waiting to savage each other. As I suggested to Horowitz, and I'm now suggesting to you, what's needed is a policy access protocol. Just as Lightweight Directory Access Protocol (LDAP) energized the use of directory services as ubiquitous repositories of identity data, so too would policy datastores benefit from a public standardized protocol for accessing policies. The eXtensible Access Control Markup Language (XACML) Technical Committee of the Organization for the Advancement of Structured Information Standards (OASIS) makes a great place to start. MaXware's VPS already supports that standard and I'm contending that XACML doesn't, in its current implementation, go far enough. All policies, not just access control policies, need to have a standardized way of being created, maintained, reviewed and enforced by second- and third-party vendors. Just as MaXware's Virtual Directory can transparently access directory services from Microsoft, Novell, Sun, IBM, Critical Path, Computer Associates and others, so too should VPS be able to transparently access policies stored in directories, file systems, registries, routers and switches, relational databases - in short, everywhere a policy can be stored. I don't know if anyone is working on such a protocol yet, but I'd like to hear about any initiatives. _______________________________________________________________ To contact: Dave Kearns Dave Kearns is a writer and consultant in Silicon Valley. He's written a number of books including the (sadly) now out of print "Peter Norton's Complete Guide to Networks." His musings can be found at Virtual Quill <http://www.vquill.com/>. Kearns is the author of three Network World Newsletters: Windows Networking Tips, Novell NetWare Tips, and Identity Management. Comments about these newsletters should be sent to him at these respective addresses: <mailto:[EMAIL PROTECTED]>, <mailto:[EMAIL PROTECTED]>, <mailto:[EMAIL PROTECTED]>. Kearns provides content services to network vendors: books, manuals, white papers, lectures and seminars, marketing, technical marketing and support documents. Virtual Quill provides "words to sell by..." Find out more by e-mail at <mailto:[EMAIL PROTECTED]> _______________________________________________________________ This newsletter is sponsored by Oracle An Economist Intelligence Unit White Paper: From Grid to Great? Grid computing is breaking out. Familiar mostly to academics, government groups, and scientific researchers, this technology that links together the power of diverse computers to create powerful, fast and flexible systems is beginning to catch on in the corporate world. Included in this white paper, results and interviews from a global survey among Sr Executives, click to download now http://www.fattail.com/redir/redirect.asp?CID=72606 _______________________________________________________________ ARCHIVE LINKS Breaking identity management news from Network World, updated daily: http://www.nwfusion.com/topics/directories.html Archive of the Identity Management newsletter: http://www.nwfusion.com/newsletters/dir/index.html _______________________________________________________________ FEATURED READER RESOURCE WONDERING IF YOUR PAY IS UP TO SNUFF? Check out Network World's 2004 Salary Calculator to see if you're getting paid what you're worth. Using data collected in the 2004 Network World Salary Survey, we've programmed this calculator with several categories that could affect your pay. Answer the questions and find out what the average salary is for your job category. Click here: <http://www.nwfusion.com/salary/2004/calculator.html> _______________________________________________________________ May We Send You a Free Print Subscription? You've got the technology snapshot of your choice delivered at your fingertips each day. Now, extend your knowledge by receiving 51 FREE issues to our print publication. Apply today at http://www.subscribenw.com/nl2 International subscribers click here: http://nww1.com/go/circ_promo.html _______________________________________________________________ SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World e-mail newsletters, go to: <http://www.nwwsubscribe.com/Changes.aspx> To unsubscribe from promotional e-mail go to: <http://www.nwwsubscribe.com/Preferences.aspx> To change your e-mail address, go to: <http://www.nwwsubscribe.com/ChangeMail.aspx> Subscription questions? Contact Customer Service by replying to this message. This message was sent to: [EMAIL PROTECTED] Please use this address when modifying your subscription. _______________________________________________________________ Have editorial comments? Write Jeff Caruso, Newsletter Editor, at: <mailto:[EMAIL PROTECTED]> Inquiries to: NL Customer Service, Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 For advertising information, write Kevin Normandeau, V.P. of Online Development, at: <mailto:[EMAIL PROTECTED]> Copyright Network World, Inc., 2004 ------------------------ This message was sent to: [EMAIL PROTECTED] ------------------------ Yahoo! Groups Sponsor --------------------~--> $9.95 domain names from Yahoo!. Register anything. http://us.click.yahoo.com/J8kdrA/y20IAA/yQLSAA/BCfwlB/TM --------------------------------------------------------------------~-> Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/kumpulan/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
