NETWORK WORLD NEWSLETTER: DAVE KEARNS ON IDENTITY MANAGEMENT 09/13/04 Today's focus: Mailbag: Use of the words 'Policy' and 'Rules', Part 1
Dear [EMAIL PROTECTED], In this issue: * One reader is amazed how vendors use the words "Policy" and "Rules" interchangeably * Links related to Identity Management * Featured reader resource _______________________________________________________________ This newsletter is sponsored by SBC Gimme Shelter! Converged Services Spell Relief For Beleaguered Network Managers Switched IP networks are rapidly becoming the corporate communications architecture of choice. By converging voice, data and video onto IP telephony platforms and Virtual Private Networks, enterprises can supply bandwidth when and where end users need it, while significantly lowering administrative and equipment costs. Click here to download this Whitepaper now http://www.fattail.com/redir/redirect.asp?CID=81084 _______________________________________________________________ CHECK OUT NW FUSION'S NEW WHITE PAPER LIBRARY NW Fusion's White Paper Library was recently re-launched with new features and improved capabilities! Sort NW Fusion's library of white papers by Date and Vendor, view white papers by TECHNCIAL CATEGORY, mouse over white paper descriptions and take advantage of our IMPROVED white paper search engine. CLICK HERE: http://www.fattail.com/redir/redirect.asp?CID=81017 _______________________________________________________________ Today's focus: Mailbag: Use of the words 'Policy' and 'Rules', Part 1 By Dave Kearns The discussion we've been having on the term "policy" has been generating quite a bit of traffic for my inbox. I'm going to share a fair amount of that with you while trying to avoid the activity colloquially known as "kicking a dead horse." <aside> While we all probably use the phrase "kicking a dead horse" to mean arguing a point long after either everyone has conceded the point, or simply lost interest, its original meaning was a bit different. A rider "kicks" a horse to urge it to go faster. Obviously, a dead horse can't go any faster. So kicking a dead horse is a futile attempt to do something. Thus, in debate, kicking a dead horse should mean arguing a point when there's no hope the other side will be convinced to accede to your point of view. At some point in a discussion, you may be inclined to state that the two parties should simply "agree to disagree." After that point, anyone still arguing is "kicking a dead horse." So if the discussion of "policy" goes on for far too long (as this aside has!), then let me know that I can "stop kicking." </aside> Jeff Davis, a director of product architecture at Safestone Technologies ( <http://www.safestone.com/> ) mentioned that before being directly involved in the world of identity management, he was "... always amazed about how vendors use the words Policy and Rules interchangeably." He explains: "The Policies I was involved with in my former life at a bank were very high-level and were supported by more stringent rule sets. It was the rule sets that could be 'codified' or 'enforced' electronically. Other policies could not be supported by rules but supported by practice and the practice was subject to providing an audit trail to ensure compliance." Policies, points out Davis, should be paper-based (like the original example of a "dress policy" see <http://www.nwfusion.com/newsletters/dir/2004/0830id2.html>. Rules are then codified to support the policy. Davis gives as an example a corporate policy (i.e., one written in a policy manual) that might state "You must change your password at regular intervals." Rules of the form "You must change your password every XX days" could then be instituted electronically where the number of days ("XX") would differ for different groups and roles. One of Davis' points is that policies should be harder to change than rules and that rules are used to support policies. He concludes: "I would prefer the vendors use the term Rule Based IAM [Identity and Access Management] rather than policy based as an IAM solution is quite specific in its approach and a tool to support/enforce policy. As for acronyms - maybe BRML and XBRML." (As a security guru, Davis uses IAM where many of us would use Identity Management.) I certainly can't disagree with the broad outlines Davis presents. If you can, or if you can bolster his argument, drop me a line and let me know. _______________________________________________________________ To contact: Dave Kearns Dave Kearns is a writer and consultant in Silicon Valley. He's written a number of books including the (sadly) now out of print "Peter Norton's Complete Guide to Networks." His musings can be found at Virtual Quill <http://www.vquill.com/>. Kearns is the author of three Network World Newsletters: Windows Networking Tips, Novell NetWare Tips, and Identity Management. Comments about these newsletters should be sent to him at these respective addresses: <mailto:[EMAIL PROTECTED]>, <mailto:[EMAIL PROTECTED]>, <mailto:[EMAIL PROTECTED]>. Kearns provides content services to network vendors: books, manuals, white papers, lectures and seminars, marketing, technical marketing and support documents. Virtual Quill provides "words to sell by..." Find out more by e-mail at <mailto:[EMAIL PROTECTED]> _______________________________________________________________ This newsletter is sponsored by SBC Gimme Shelter! Converged Services Spell Relief For Beleaguered Network Managers Switched IP networks are rapidly becoming the corporate communications architecture of choice. By converging voice, data and video onto IP telephony platforms and Virtual Private Networks, enterprises can supply bandwidth when and where end users need it, while significantly lowering administrative and equipment costs. Click here to download this Whitepaper now http://www.fattail.com/redir/redirect.asp?CID=81076 _______________________________________________________________ ARCHIVE LINKS Breaking identity management news from Network World, updated daily: http://www.nwfusion.com/topics/directories.html Archive of the Identity Management newsletter: http://www.nwfusion.com/newsletters/dir/index.html _______________________________________________________________ FEATURED READER RESOURCE NETWORK WORLD SPECIAL REPORTS NOW AVAILABLE Focused reports on compelling industry topics, Network World Special Reports are available online at Network World Fusion. Network World Special Reports on IP Telephony Security, the State of Wireless LANs, trends in the networked world and more are currently available. Download any or all of our Special Reports at: <http://www.nwfusion.com/vendorview/specialreports.html> _______________________________________________________________ May We Send You a Free Print Subscription? You've got the technology snapshot of your choice delivered at your fingertips each day. Now, extend your knowledge by receiving 51 FREE issues to our print publication. Apply today at http://www.subscribenw.com/nl2 International subscribers click here: http://nww1.com/go/circ_promo.html _______________________________________________________________ SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World e-mail newsletters, go to: <http://www.nwwsubscribe.com/Changes.aspx> To unsubscribe from promotional e-mail go to: <http://www.nwwsubscribe.com/Preferences.aspx> To change your e-mail address, go to: <http://www.nwwsubscribe.com/ChangeMail.aspx> Subscription questions? Contact Customer Service by replying to this message. This message was sent to: [EMAIL PROTECTED] Please use this address when modifying your subscription. _______________________________________________________________ Have editorial comments? Write Jeff Caruso, Newsletter Editor, at: <mailto:[EMAIL PROTECTED]> Inquiries to: NL Customer Service, Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 For advertising information, write Kevin Normandeau, V.P. of Online Development, at: <mailto:[EMAIL PROTECTED]> Copyright Network World, Inc., 2004 ------------------------ This message was sent to: [EMAIL PROTECTED] ------------------------ Yahoo! Groups Sponsor --------------------~--> $9.95 domain names from Yahoo!. Register anything. http://us.click.yahoo.com/J8kdrA/y20IAA/yQLSAA/BCfwlB/TM --------------------------------------------------------------------~-> <a href=http://English-12948197573.SpamPoison.com>Fight Spam! Click Here!</a> Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/kumpulan/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
