New identity management products abound

IBM, RSA, Netegrity, Entrust, Sun, Novell, and others are teaming up to offer solutions with the latest ID management features

Despite the slow pace of the standards race, identity management has been a maelstrom of activity in recent months, as vendors push their latest efforts to market and clamor to establish partnerships in an industrywide trend to offer a complete solution to privacy-policy needs.

IBM has undertaken a two-front approach to identity management, tackling standards on the one hand and trumpeting its Tivoli identity management system on the other. RSA Security, Netegrity, and Courion (see our Test Center Review of Courion Identity Management Suite) have souped up their wares with the latest ID management features, such as auditing and reporting, password synchronization, workflow, and integration with third-party tools. Perhaps most intriguing is the increasing number of vendors that have teamed up to incorporate their technologies in one another's solutions as the search for the just the right identity management mix has heated up.

Big Blue is committed to developing technologies that protect both data and privacy, says Harriet Pearson, vice president and chief privacy officer at IBM in Armonk, N.Y. She says that tighter security can be achieved without sacrificing privacy, which means that the technology must include controls for users to shut off functionality or to keep it always on.

Still, far too many people are in the dark about where identity management is headed, how business processes are applied to that model, and how technology has been enabled to protect privacy. "You can't buy a piece of technology and say, 'Is privacy baked in?' " Pearson says. "[You] can ask, 'Will this enable me to implement my information polices and requirements, [or] will this somehow get in the way of me being able to do that?' "

To help fuel the constant redesigns of Tivoli Privacy Manager and Tivoli Policy Manager, the IBM Privacy Institute in Zurich, Switzerland, has developed a privacy road map from the application layer down to the underlying infrastructure, Pearson notes. In addition, Big Blue relies on its 2-year-old Privacy Management Council to identify pain points crucial to designing Tivoli Privacy Manager. Made up of more than 25 IBM customers — including the U.S. Department of Commerce, the state of Michigan, Fidelity Investments, and Marriott International — the Council meets quarterly.

The fluidity of the ID management market is mirrored by the many recent multidirectional partnerships among players in this space, including Thor Technologies, Novell, and Business Layers (see our Test Center Review of eProvision).

Business Layers has baked its provisioning technology into Netegrity's newest iteration of IdentityMinder . The upgraded identity and access management software includes password synchronization and management, provisioning policies defined by a user's role-based attributes, and new auditing and reporting tools. It currently supports BEA Systems WebLogic and will soon support IBM WebSphere and JBoss.

Similarly, Oblix has developed a connector that allows users to plug in the identity management vendor's software as a front end to BMC Software's provisioning technology. Entrust has integrated Waveset's identity management technology into its Web-access management software to develop the Entrust Secure Identity Management Solution , the first of many joint security-services offerings to come from both vendors.

RSA entered an agreement that melds Thor Technologies' Xellerate enterprise provisioning software with its ClearTrust Web-access management tool; the new ClearTrust platform, featuring Xellerate's workflow and user self-service features, will be available this summer. Thor also teamed with Sun Microsystems in April, integrating Xellerate's provisioning muscle into the Sun ONE (Open Net Environment) identity management platform.

Also joining the race, Novell announced in April two new services, the Liberty identity provider for Novell eDirectory, previously named Saturn, and the SAML (Security Assertion Markup Language) extension for Novell iChain, which is designed to better handle a federated identity framework and will be available this month.

These vendors will continue to adapt their products to the standards established by the Liberty Alliance, Microsoft, and IBM, which are slowly and painfully moving together in their visions, says Dan Blum, an identity management analyst at the Burton Group in Midvale, Utah.

"Customers want the Microsoft, IBM, and Liberty Alliance players to converge, but it's hard for them to do that because Microsoft and IBM can't look at Liberty Alliance's work until it's published for everyone, and the Liberty Alliance can't look at their work until it's published," Blum explains. "They are not working together. They are only throwing things over the wall to each other."


Copyright © 2003 IDG Communications, Inc.

How to choose a low-code development platform