06 Mar 2015

Planet Identity

Mike Jones - Microsoft: HTML-Based OpenID Connect Logout Spec

A new HTML-Based OpenID Connect Logout spec has been published at http://openid.net/specs/openid-connect-logout-1_0.html. This can coexist with or be used instead of the current postMessage-based Session Management Spec. The abstract for the new spec states: This specification defines an HTTP-based logout mechanism that does not need an OpenID Provider iframe on Relying Party pages. Other protocols […]

06 Mar 2015 8:03am GMT

05 Mar 2015


Gluu: 4 Identity & Access Management Use Case Considerations

Here at Gluu we hate answering RFIs. It's a lot of writing for a small audience. So in the interest of salvaging our time, and perhaps even helping other organizations with similar questions, we like to publish our responses to some of the RFIs we receive (of course without any organization-specific or sensitive information!). …

05 Mar 2015 5:36pm GMT

Courion: Join Us at CONVERGE in Vegas!

Access Risk Management Blog | Courion

Venkat Rajaji

CONVERGE, our perennially popular annual customer conference, happens Tuesday May 19th to Thursday May 21st at the Cosmopolitan Hotel in Las Vegas. Click here to register and take advantage of a $150.00 discount if you sign up before March 31st.

CONVERGE provides a great opportunity to mix and mingle with your peers and industry thought leaders. We're bringing together noted authorities in identity governance and administration to share their expertise, and we'll provide a peek into what's new at Courion and in the field of security.

Need to earn (ISC)² Continuing Professional Education credits toward your CISSP or other professional certification? On Tuesday May 19th we are offering a full day dedicated to technical training and workshops, including a deep dive into the Courion Access Assurance Suite so you can fully exploit this market-leading IGA suite's capabilities. Tech Tuesday at CONVERGE provides the ideal opportunity to earn those CPE credits, and we'll be happy to submit the needed paperwork.

Our conference theme, Know the Odds - Win with Risk Aware IAM, is based on the notion that in this age of the Internet of Things, it's essential to have concrete insight into your IAM infrastructure so you can better protect your company from access risks that may lead to a data breach. Courion's intelligent IAM provisioning and governance solutions, powered by the award-winning identity analytics solution Access Insight, provide the knowledge you need to see exactly where threats are hiding so you can identify, quantify, and reduce risk.

So come, join us in Vegas and register today!

To learn more, go to http://www.courion.com/CONVERGE.

Venkat Rajaji is Vice President of Product Management & Marketing for Courion.


05 Mar 2015 1:25pm GMT

Kuppinger Cole: Facebook profile of the German Federal Government thwarts efforts to improve data protection

In Martin Kuppinger

There is a certain irony in the Federal Government launching a profile on Facebook almost simultaneously with the change in the social network's terms of use. While the Federal Minister of Justice, Heiko Maas, is backing consumer organizations in their warnings about Facebook, the Federal Government has taken the first step in setting up its own Facebook profile.

With the changes in the terms of use, Facebook has massively expanded its ability to analyze the data of its users. It also stores data that users leave behind on pages outside of Facebook, for use in targeted advertising and possibly other purposes. On the other hand, users now have better means of managing the personal settings for their own privacy. The bottom line: Facebook is collecting even more data, in a manner that is hard to control.

As Federal Minister of Justice Maas says, "Users do not know which data is being collected or how it is being used."

For this reason alone, it is difficult to understand why the Federal Government is taking this step right at this moment. After all, it has been able to do its work so far without Facebook.

With its Facebook profile, the Federal Government ensures that Facebook indirectly receives, for example, information on the political interests and preferences of users. Since it is not clear how this information could be used today or in the future, it is a questionable step.

If one considers the Facebook business model, the step can also have a direct negative impact. Facebook's main source of income is targeted advertising based on the information the company has collected about its users. With the additional information that will become available via the Federal Government's Facebook profile, interest groups, for example, will in future be able to advertise selectively on Facebook to pursue their goals.

Here it is apparent, as with many businesses, that the implications of commercial Facebook profiles are frequently not understood. On the one hand, there is the networking with interested Facebook users. Their value is often overrated - these are not customers, not leads and NOT voters, but at best people with a more or less vague interest. On the other hand, there is the information that a company, a government, a party or anyone else with a Facebook profile discloses to Facebook: Who is interested in my products, in my political opinions (and which ones), or in my other statements on Facebook?

The Facebook business model is exactly that - to monetize this information - today more than ever before under the new business terms. For a company, this means that the information is also available to the competition. You could also say that Facebook is the best way of informing the competition about a company's (more or less interested) followers. In marketing, but also in politics, one should understand this correlation and weigh whether the added value is worth the implicit price paid in the form of data that is interesting to competitors.

Facebook may be "in" - but it is in no way worth it for every company, every government, every party or other organization.

End users who intend to stay on Facebook have to look closely at the new privacy settings and restrict them as much as possible. In the meantime, a lot of communication has moved to other services like WhatsApp, so now is definitely the time to reconsider the added value of Facebook. And sometimes, reducing the amount of communication and information that reaches one is added value in itself.

The Federal Government should in any case be advised to consider the actual benefits of its Facebook presence. 50,000 followers are not 50,000 voters by any means - the importance of this number is often massively overrated. The Federal Government has to be clear about the contradiction between its claim to strong data protection rules and its actions. To go to Facebook now is not even fashionable any more - it is plainly the wrong step at the wrong time.

According to KuppingerCole, marketing managers in companies should likewise analyze exactly what price they are paying for the anticipated added value of a Facebook profile - one often pays more while the actual benefits are much less. Or has the number of customers increased accordingly in the last fiscal year because of 100,000 followers? A Facebook profile can definitely have its uses. But you should always check carefully whether there is truly added value.

05 Mar 2015 9:32am GMT

Kuppinger Cole: BeyondTrust PowerBroker Auditor Suite - 70891

In KuppingerCole

BeyondTrust PowerBroker Auditor Suite is a set of auditing tools for Windows environments. Together they provide a unified real-time insight and an audit trail for file system, SQL Server, Exchange and Active Directory access and changes.


05 Mar 2015 8:51am GMT

04 Mar 2015


Kaliya Hamlin - Identity Woman: IIW is early!! We are 20!! We have T-Shirts

Internet Identity Workshop is only a month away: April 7-9, 2015. Regular tickets are only on sale until March 20th. Then prices go up again for late registration. I'm hoping that we can have a few before we get to IIW #20!! Yes, it's almost 10 years since we first met (10 years will be […]

04 Mar 2015 10:01pm GMT

Kaliya Hamlin - Identity Woman: IIW topics so far

We keep track of topics folks want to talk about on our Identity Commons wiki. I figured I would pull the list out from there and share it here… It's looking good so far. What topics are you planning to present about or lead a discussion about at this IIW? Notification management - Notifs unhosted identity […]

04 Mar 2015 7:32pm GMT

Vittorio Bertocci - Microsoft: ADAL v3 Preview – March Refresh

It's time for a refresh of the ADAL .NET v3 preview!
There's nothing earth-shattering this time around… if you don't consider adding a brand new platform earth-shattering, of course.

This refresh includes lots of bug fixes and small improvements, as you would expect from a refresh. However as the feature set [...]

04 Mar 2015 4:00pm GMT

Kuppinger Cole: Executive View: Covertix SmartCipher™ - 71267

In KuppingerCole

The Covertix SmartCipher™ Product Suite provides an important solution for the protection of unstructured data files on premise, shared with partners and held in the cloud...


04 Mar 2015 7:53am GMT

Mike Jones - Microsoft: JWK Thumbprint -04 draft incorporating feedback during second WGLC

The latest JWK Thumbprint draft addresses review comments on the -03 draft by Jim Schaad, which resulted in several clarifications and some corrections to the case of RFC 2119 keywords. The specification is available at: http://tools.ietf.org/html/draft-ietf-jose-jwk-thumbprint-04 An HTML formatted version is also available at: http://self-issued.info/docs/draft-ietf-jose-jwk-thumbprint-04.html

04 Mar 2015 2:15am GMT

03 Mar 2015


Kuppinger Cole: KuppingerCole Analysts' View on Internet of Things

In KuppingerCole

For a topic so ubiquitous, so potentially disruptive and so overhyped in the media in the past couple of years, the concept of the Internet of Things (IoT) is surprisingly difficult to describe. Although the term itself appeared in the media nearly a decade ago, there is still no universally agreed definition of what IoT actually is. This, by the way, is a trait it shares with its older cousin, the Cloud.

On the very basic level, however, it should be possible to define IoT...

03 Mar 2015 10:59pm GMT

Kuppinger Cole: 16.04.2015: Make your Enterprise Applications Ready for Customers and Mobile Users

In KuppingerCole

Rapidly growing demand for exposing and consuming APIs, which enables organizations to create new business models and connect with partners and customers, has tipped the industry towards adopting lightweight RESTful APIs to expose existing enterprise services and corporate data to external consumers. Unfortunately, many organizations tend to underestimate the potential security challenges of opening up their APIs without a proper security strategy and infrastructure in place.

03 Mar 2015 1:52pm GMT

Mike Jones - Microsoft: Key Managed JSON Web Signature (KMJWS) specification

I took a little time today and wrote a short draft specifying a JWS-like object that uses key management for the MAC key used to integrity protect the payload. We had considered doing this in JOSE issue #2 but didn't do so at the time because of lack of demand. However, I wanted to get […]

03 Mar 2015 10:38am GMT

Kuppinger Cole: Executive View: SecureAuth IdP - 70844

In KuppingerCole

SecureAuth IdP combines cloud single sign-on capabilities with strong authentication and risk-based access control, focusing on both internal and external users who want access to both on-premise and cloud services...


03 Mar 2015 8:51am GMT

02 Mar 2015


Kuppinger Cole: Howard Mannella's Keynote about Taleb's Black Swan Theory at EIC 2015

In European Identity and Cloud Conference

Howard Mannella, a seasoned expert and thought leader for resiliency and big disasters, will talk about how to mitigate against unpredicted, massively game-changing events.

02 Mar 2015 9:43pm GMT

Drummond Reed - Cordance: Brad Feld on How to Deal with Email After a Long Vacation

My Newsle service spotted this post by Brad Feld about his recommended approach to dealing with missed email: ignore it and re-engage with your email stream afresh upon your return. I completely agree; that was the same conclusion I came to after … Continue reading

02 Mar 2015 8:54pm GMT