NETWORK WORLD NEWSLETTER: JOHN FONTANA ON SECURITY 11/04/04 Today's focus: Roadblocks for shared IDs: Trust, immature standards
Dear [EMAIL PROTECTED], In this issue: * Report from Digital ID World conference * Links related to Security * Featured reader resource _______________________________________________________________ This newsletter is sponsored by SBC Gimme Shelter! Converged Services Spell Relief For Beleaguered Network Managers Switched IP networks are rapidly becoming the corporate communications architecture of choice. By converging voice, data and video onto IP telephony platforms and Virtual Private Networks, enterprises can supply bandwidth when and where end users need it, while significantly lowering administrative and equipment costs. Click here to download this Whitepaper now http://www.fattail.com/redir/redirect.asp?CID=85985 _______________________________________________________________ WHAT ARE YOU DOING TO GET AHEAD? An IT recruiter outlines the actions you should take to advance your career. Learn how you can gather the enduring respect of colleagues, clients and business associates without coming off as pompous or self-serving. Click here to find out what you need to do to get ahead: http://www.fattail.com/redir/redirect.asp?CID=86110 _______________________________________________________________ Today's focus: Roadblocks for shared IDs: Trust, immature standards By John Fontana EDITOR'S NOTE: M.E. Kabay is off this week. In place of his column, we present security-related stories from the pages of Network World. Speaking at last week's Digital ID World conference, American Express, Fidelity Investments, Boeing, Fifth Third Bank, Premier and a host of other companies shared their hopes, early successes and concerns as they try to integrate their identity management services with business partners and customers. The goal is the ability to have users authenticate themselves to their local network and then be able to pass that authentication to partners for access to services or data on the partner's network. The concept, known as federated identity, would ease user management and the associated costs, improve network security, provide a means to document regulatory compliance, and fuel e-commerce and Web services that let partners share computing resources. Early adopters are reporting some of those benefits mainly in combination with business partners with whom they already have a relationship. Those relationships, they say, are the place to start because they reduce the trust and legal issues inherent in sharing user data and exposing corporate systems. Both those issues are major sticking points to the adoption of federation. Users are concerned not only about liabilities in handling sensitive and often private data, but also how partners will use or share that information with others through federation, which could expose otherwise confidential data. "The challenge in federation is the trust model," says Mike Beach, associate technical fellow in the shared services group at Boeing. "How do we not jeopardize security and not anger customers?" Another challenge is standards. While there is agreement that identity management standards must converge, there is no industry agreement yet on one benchmark. The Security Assertion Markup Language seems to have garnered more acceptance than the Liberty Alliance specifications, although the two will converge in SAML 2.0, which is nearing standardization. IBM and Microsoft also are developing a competing specification called WS-Federation. While different in approach, both SAML and WS-Federation look to standardize the way companies share user and machine identities among disparate authentication and authorization systems. Beach says role-based access, in which a user is granted network privileges based on some defined role such as engineer, is another problem area. "We do role-based access today with about 400 airlines, and each one has its own roles. SAML isn't equipped to deal with that," he says. Fidelity has half-a-dozen companies and 200,000 people who use SAML-based federation services. Fidelity also does some federation between its internal benefits site and third-party providers, and internal federation so users have access to partners. "Time and effort put into education and legal issues are among our biggest gotchas," said Alex Popowycz, vice president of information security at Fidelity. But he said the technology solves access issues and agreed with other users that federated identity will be the wave of the future. "The technology is not ready today, but federated identity will eventually become ubiquitous," Beach said. This story continues online at: <http://www.nwfusion.com/news/2004/110104federate.html?page=2> _______________________________________________________________ To contact: John Fontana Senior Editor John Fontana covers Microsoft for Network World. Reach him at <mailto:[EMAIL PROTECTED]>. _______________________________________________________________ This newsletter is sponsored by SBC Gimme Shelter! Converged Services Spell Relief For Beleaguered Network Managers Switched IP networks are rapidly becoming the corporate communications architecture of choice. By converging voice, data and video onto IP telephony platforms and Virtual Private Networks, enterprises can supply bandwidth when and where end users need it, while significantly lowering administrative and equipment costs. Click here to download this Whitepaper now http://www.fattail.com/redir/redirect.asp?CID=85984 _______________________________________________________________ ARCHIVE LINKS Archive of the Security newsletter: http://www.nwfusion.com/newsletters/sec/index.html Breaking security news: http://www.nwfusion.com/topics/security.html _______________________________________________________________ FEATURED READER RESOURCE NEW! Website dedicated to Networking for Small Business now available The editors of NW Fusion and PC World have combined all their expert advice, authority, and know-how into a powerful new tool for small businesses, the new Networking for Small Business website. Get news, how-to's, product reviews, and expert advice specifically tailored to your small business needs. Find help with Security, Broadband, Networking, Hardware, Software, and Wireless & Mobile technology at: <http://www.networkingsmallbusiness.com/> _______________________________________________________________ May We Send You a Free Print Subscription? You've got the technology snapshot of your choice delivered at your fingertips each day. Now, extend your knowledge by receiving 51 FREE issues to our print publication. Apply today at http://www.subscribenw.com/nl2 International subscribers click here: http://nww1.com/go/circ_promo.html _______________________________________________________________ SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World e-mail newsletters, go to: <http://www.nwwsubscribe.com/Changes.aspx> To unsubscribe from promotional e-mail go to: <http://www.nwwsubscribe.com/Preferences.aspx> To change your e-mail address, go to: <http://www.nwwsubscribe.com/ChangeMail.aspx> Subscription questions? Contact Customer Service by replying to this message. This message was sent to: [EMAIL PROTECTED] Please use this address when modifying your subscription. _______________________________________________________________ Have editorial comments? Write Jeff Caruso, Newsletter Editor, at: <mailto:[EMAIL PROTECTED]> Inquiries to: NL Customer Service, Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 For advertising information, write Kevin Normandeau, V.P. of Online Development, at: <mailto:[EMAIL PROTECTED]> Copyright Network World, Inc., 2004 ------------------------ This message was sent to: [EMAIL PROTECTED]
