NETWORK WORLD NEWSLETTER: DAVE KEARNS ON IDENTITY MANAGEMENT 09/06/04 Today's focus: Define 'policy,' Part 1
Dear [EMAIL PROTECTED], In this issue: * How the IETF defines 'policy' * Links related to Identity Management * Featured reader resource _______________________________________________________________ This newsletter is sponsored by Xerox Want to learn the key steps to building a document output strategy that will enhance productivity and reduce costs for your organization? Start by downloading Xerox's white paper, Optimizing Document Output ROI. See how Xerox's solutions can help you manage devices, reduce costs and even boost productivity. http://www.fattail.com/redir/redirect.asp?CID=80878 _______________________________________________________________ DOWNLOAD THE LATEST SPECIAL REPORTS FROM NETWORK WORLD Focused reports on compelling industry topics, Network World Special Reports are available online at Network World Fusion. Network World Special Reports on IP Telephony Security, the State of Wireless LANs, trends in the networked world and more are currently available. Download any or all of our Special Reports at: http://www.fattail.com/redir/redirect.asp?CID=79655 _______________________________________________________________ Today's focus: Define 'policy,' Part 1 By Dave Kearns When last we met (in a virtual sense, that is), I had asked your help in defining "policy" so that it no longer was the ambiguous term - used by those of us in the identity management arena, those in the security camp and those with an application or service to sell who want to latch onto the latest buzzword - with so many meanings that it really had no meaning. I knew I could count on you to come through, and you did. One suggestion which came up repeatedly resolves itself to: don't change anything. The argument is that there are so many different people with an ax to grind that consensus is impossible. If we in identity management try to seek a consensus definition we won't succeed because no one else will accept our consensus. Thus we lose precision with no gain in understanding. What we risk, of course, is that others will misunderstand what we mean, to our detriment. To avoid that we would need to define the term almost every time we use it, especially to those outside the identity management discipline - those who more and more are making the identity management decisions. While the premise, getting everyone to agree on a definition, is most likely true I'm not sure the conclusion, that we stick to our own definition, is the best answer. Some others pointed me towards the IETF's RFC 3198, "Terminology for Policy-Based Management": <http://www.faqs.org/rfcs/rfc3198.html> This RFC was co-authored by John Strassner, formerly of Cisco, who almost single-handedly created what became known as Directory-Enabled Networking (DEN). For this feat I awarded him the Wired Windows Networking MVP award for 1998. Strassner's book, "Directory Enabled Networks," is now, sadly, out of print but might still be found in a good used technical bookstore. More than a chapter was devoted to DEN's policy model. This all led to the need for a vocabulary, a terminology, a taxonomy for discussing policy. The RFC was the natural outcome of this need. One of the terms the RFC defines is, of course, "policy." This is what it says: "'Policy' can be defined from two perspectives: - A definite goal, course or method of action to guide and determine present and future decisions. 'Policies' are implemented or executed within a particular context (such as policies defined within a business unit). - Policies as a set of rules to administer, manage, and control access to network resources [RFC3060]. Note that these two views are not contradictory since individual rules may be defined in support of business goals." The reference to "RFC3060" is to a document (also co-authored by Strassner) describing an object-oriented information model for representing policy information. John spent a long time at Cisco, and we can see that his thinking in terms of "policy" was heavily influenced by the security usage of that word he encountered at the network hardware company. Still, the second definition, "Policies as a set of rules," ties in neatly with another very good response I received and which we'll get to in the next issue. RELATED EDITORIAL LINKS Primer on Directory Enabled Networks Network World Directory Newsletter, 01/05/00 http://www.nwfusion.com/newsletters/dir/0103dir2.html 1998 networking MVPs Network World, 12/21/98 http://www.nwfusion.com/archive/1998b/1221kearns.html _______________________________________________________________ To contact: Dave Kearns Dave Kearns is a writer and consultant in Silicon Valley. He's written a number of books including the (sadly) now out of print "Peter Norton's Complete Guide to Networks." His musings can be found at Virtual Quill <http://www.vquill.com/>. Kearns is the author of three Network World Newsletters: Windows Networking Tips, Novell NetWare Tips, and Identity Management. Comments about these newsletters should be sent to him at these respective addresses: <mailto:[EMAIL PROTECTED]>, <mailto:[EMAIL PROTECTED]>, <mailto:[EMAIL PROTECTED]>. Kearns provides content services to network vendors: books, manuals, white papers, lectures and seminars, marketing, technical marketing and support documents. Virtual Quill provides "words to sell by..." Find out more by e-mail at <mailto:[EMAIL PROTECTED]> _______________________________________________________________ This newsletter is sponsored by Xerox Want to learn the key steps to building a document output strategy that will enhance productivity and reduce costs for your organization? Start by downloading Xerox's white paper, Optimizing Document Output ROI. See how Xerox's solutions can help you manage devices, reduce costs and even boost productivity. http://www.fattail.com/redir/redirect.asp?CID=80878 _______________________________________________________________ ARCHIVE LINKS Breaking identity management news from Network World, updated daily: http://www.nwfusion.com/topics/directories.html Archive of the Identity Management newsletter: http://www.nwfusion.com/newsletters/dir/index.html _______________________________________________________________ FEATURED READER RESOURCE CHECK OUT NW FUSION'S NEW WHITE PAPER LIBRARY NW Fusion's White Paper Library was recently re-launched with new features and improved capabilities! Sort NW Fusion's library of white papers by Date and Vendor, view white papers by TECHNCIAL CATEGORY, mouse over white paper descriptions and take advantage of our IMPROVED white paper search engine. CLICK HERE: <http://www.nwfusion.com/vendorview/whitepapers.html> _______________________________________________________________ May We Send You a Free Print Subscription? You've got the technology snapshot of your choice delivered at your fingertips each day. Now, extend your knowledge by receiving 51 FREE issues to our print publication. Apply today at http://www.subscribenw.com/nl2 International subscribers click here: http://nww1.com/go/circ_promo.html _______________________________________________________________ SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World e-mail newsletters, go to: <http://www.nwwsubscribe.com/Changes.aspx> To unsubscribe from promotional e-mail go to: <http://www.nwwsubscribe.com/Preferences.aspx> To change your e-mail address, go to: <http://www.nwwsubscribe.com/ChangeMail.aspx> Subscription questions? Contact Customer Service by replying to this message. This message was sent to: [EMAIL PROTECTED] Please use this address when modifying your subscription. _______________________________________________________________ Have editorial comments? Write Jeff Caruso, Newsletter Editor, at: <mailto:[EMAIL PROTECTED]> Inquiries to: NL Customer Service, Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 For advertising information, write Kevin Normandeau, V.P. of Online Development, at: <mailto:[EMAIL PROTECTED]> Copyright Network World, Inc., 2004 ------------------------ This message was sent to: [EMAIL PROTECTED] ------------------------ Yahoo! Groups Sponsor --------------------~--> $9.95 domain names from Yahoo!. Register anything. http://us.click.yahoo.com/J8kdrA/y20IAA/yQLSAA/BCfwlB/TM --------------------------------------------------------------------~-> Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/kumpulan/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
