Monday Sep 28, 2009

Thanks, Dave!

I was honored today to have the wise sage of Identity, Dave Kearns, refer to me a “fellow grandfather” and borrow content from my DIDW post (with my permission, of course) in his article about Digital ID World.  It’s always great to share thoughts with Dave.

Thursday Sep 17, 2009

Digital ID World – Final Thoughts

I missed the final sessions of Digital ID World on Wednesday because of commitments in California.  Judging from the Twitter traffic, it sounded like some great stuff was discussed.

As a follow-up to my posts for Day 1 and Day 2, here my top ten final thoughts about the conference (without the benefit of Day 3):

  1. Most Stimulating Information. Jeff Jonas’ discussion about using data analytics to discover space-time-travel characteristics of individuals was both challenging and disturbing.
  2. Newest Identity Concept. Phil Windley’s proposal to enable contextualized, purpose-based user experiences using the web browser as a point of integration triggers lots of new thoughts about extracting value from the Internet.
  3. Most Reinforced Notion. The Identity Management market is maturing.  Companies are seeking to learn best practices for getting the most out of their investments.
  4. Biggest Question in my Mind. How much validity should we place in Symplified’s claim that “Federation is Dead.  Long Live the Federation Fabric?”
  5. Most Enjoyable Networking Moments.  Meeting folks in person I have only met virtually beforehand.  In person wins every time.
  6. Most-asked Question.  Nearly everyone whom I spoke with asked me something about the Oracle acquisition of Sun.  That happened to be the easiest question for me to answer: “Until the deal closes, we are independent companies.  We must wait until then for details.”
  7. Best Trade Show Giveaway. An LED flashlight from Novell.  Incandescent bulb flashlights seem to be quickly joining buggy whips in the dustbins of history (except for special cases).
  8. Biggest Pet Peeve.  No power strips or WIFI were provided for attendees.  This severely limited note taking and real-time blogging.
  9. Most Entertaining Event.  No, not the parties.  It was the Chinese guy who drove my taxi to the airport.  He chattered non-stop for the whole trip about technology, Maryland, California, Utah, Idaho, Micron, Sun Microsystems, Oracle, potato chips, microchips, stock trading, traffic and dishonest taxi drivers.  What a hoot!
  10. Biggest Disappointment. The show seems to get smaller each year – both in the number of attendees and participating vendors.  Will it survive?

That’s my list.  What do you think?

Tuesday Sep 15, 2009

Digital ID World - Day 2

didw09 Today was really the first “official” day of the Digital ID World conference, but for me – Day 2.  So, here are some short highlights of the sessions I attended.

Cops and Robbers, Las Vegas Style – Jeff Jonas, Chief Scientist, IBM Entity Analytic Solutions

  • Las Vegas is his “laboratory” for identity analytics – resorts typically have 100+ systems and 20,000+ sensors
  • Context engines close the gap between the rapidly increasing amount of digital data and the less rapid growth of “sense-making” algorithms
  • Mobile operators are accumulating 600 billion cellphone transaction records annually and are selling this data to third parties who use advanced analytics to identify space/time/travel characteristics of individual people

Context Automation – Phil Windley, CTO, Kyntetx

  • Current focus in web marketing is focused on servers, using the metaphor of “location”
  • Focus on “purpose” from the client’s perspective, using an intelligent, adaptable browser, will bridge between server-based silos to give users a richer, more purposeful experience

The Implications of Privacy on IDM – Larry Ponemon, Founder and Chairman, Ponemon Institute

  • Many cultural differences are evident between nations and areas of the world with regard to privacy, security and identity management expectations.
  • Companies doing business internationally will need to be sensitive to cultural and legal issues in the nations where they do business.
  • People are growing tired of fact-based identity
  • Perceptions of privacy are inextricably linked to identity and authentication

Business Process and Legal Issues in Cross-Org Secure Collaboration – Peter McLaughlin, Foley & Lardner

  • Regulatory language should be treated as a floor, rather than a ceiling
  • Normal industry practices may represent minimum requirements but may not guarantee compliance
  • Make sure your business partners abide by same laws your company is subject to
  • Reputational risk will always stay with your company, but you may seek to share financial risk with partners

Identity Governance Frameworks – Marc Lindsey, Levine, Blazak, Block & Bootby

  • Legal agreements seek to apportion liability - who is responsible for what?
  • Comprehensive frameworks for governing such agreements are emerging
  • Modern federation agreements need to be better than the old EDI agreements

Dealing with International Privacy Laws – Discussion led by Larry Ponemon, Founder and Chairman, Ponemon Institute

  • Complex international privacy laws affecting data transport hamper organizations' ability to do their legitimate work.
  • Will it be easier or harder to deal with international differences in privacy laws in five years?  (majority of audience said no)

Federation is Dead: Long Live the Federation Fabric – Symplified

  • Federation must move to utility model to overcome issues of costs and complexity associated with one-to-one integration.

Building Good Practices into Your Processes – Edward Higgins, Vice President of Security Services, Digital Discovery Corporation

  • Education of employees on good security practices is critical part of getting value from your IDM investment


Digital ID World - Day 1

didw09 On Monday and Tuesday this week, I attended the Digital ID World (DIDW) conference held at the Rio Hotel in Las Vegas.  It has been enjoyable to take the pulse of the industry from yet another vantage point and connect with fellow Identity Management practitioners from diverse locations.  Of course, the first question nearly everyone asked  me had something to do with Oracle, but, of course, I can’t talk about that.  So, here are very brief highlights of each session I attended the first day (Authentication and Virtual Directory “Summit Sessions”):

The State of Authentication and its Impact on IDM – Jim Reno, CTO, Arcot

  • “Risk Based Authentication” is a fourth factor of authentication, augmenting traditional factors (what you have, know, and are)
  • Authentication should consider context when assessing risk

Authentication Case Study – Naomi Shibata, former GM/COO, MLSListings

  • Communications with users is essential prior to authentication system rollout

The Future of Authentication – panel including Jim Reno and Naomi Shibata, moderated by Bill Brenner, Sr. Editor of CSO Magazine

  • Business, legal, regulatory and liability issues are more onerous than technical issues when considering an authentication system
  • Authentication technology advances usually occur in response to advances in threats
  • Enterprises should periodically re-verify appropriateness of installed authentication systems in light of advances in technology and threats
  • Identity assurance is increasing in importance

Identity Service Virtualization and Context Management – Michel Prompt, CEO/Founder, Radiant Logic

  • It is difficult to define Identity without understanding the context in which it is used
  • Understanding relationships between identity objects enables a global model that links identities together to enable contextual views
  • Such Identity linking can occur in a virtualization layer between diverse identity repositories and applications which consume those identities

Case Study: Identity Services and Virtualization – Bill Brenner, CSO Magazine and Mohammad Khattak, Booz Allen Hamilton

  • Dynamic Access Control requires consolidate identity repository with many sources of identity information
  • When aggregating data sources, we need to understand the trust level in each source repository

Impact of Oracle/Sun Acquisition – David Rusting, Unisys and Todd Clayton, CoreBlox

Note: I am restricted from commenting on product roadmaps or anything related to the Oracle acquisition of Sun.  The following comments are views expressed by the panelists.

  • The primary discussion focused on how customers should plan for potential changes in either Sun or Oracle directory roadmaps
  • A virtualization layer between director and applications may provide a layer of abstraction to shield customers from changes in vendor roadmaps and reduce tie to single vendor
  • This may be a time to re-evaluate application needs and determine which direction to go with regards to directory technology

Stay tuned for Day 2!

Monday Sep 15, 2008

Scan those Cards

Last week, a minor miracle occurred.  When I returned home from the Digital ID World conference, I already had all the contact information from business cards I had received entered into MS Outlook, where I maintain my extensive personal address book.

How did I do it? I used my new Scan2Contacts personal scanner to scan in each business card and create a new contact record in my Outlook application data store.  What a time saver!  It's not 100% accurate on all cards, but it is close enough to make a big jump forward in personal productivity.  I like jumps like that.

Technorati Tags: , , ,

Tuesday Oct 09, 2007

Small Identity World

I just realized that I had written, not didn't post, the following article. It is still worth posting.

A couple of events at Digital ID World reminded me how small the Digital Identity world really is. The first happened when I happened to walk into the DIDW Novell booth and came face to face with Steve Carter, a Novell Distinguished Engineer who is one of the leading architects of Identity Management for Novell. Steve and I were hired in April, 1977, by a small company in Provo, UT, named Eyring Research. We worked side by side at the company for twelve years. I had exchanged occasional emails with Steve over the past few years, but hadn't seen him for probably 15 years. It took a chance meeting at DIDW to re-unite us in person.

The second event showed me that others share small world experiences as well. At a Sun customer reception the first night of DIDW, I was introduced to a Sun ISV partner who had some some interesting concepts to discuss in the area of strong authentication. As an aside, he asked, "Do you know Nimish Radia? Sun is a huge company, but I had to ask. He's my cousin."

"Why of course," I replied. "I talked to him on the phone this morning!"

So, out of 30,000 Sun employees, I know a cousin of an Identity guy I met at DIDW!

Much has been said in our industry about the importance of Identity relationships. It turns out that meeting together as Identity professionals now and then both strengthens old personal relationships and kindles new ones in unique and wonderful ways.

Technorati Tags: , , , ,

Tuesday Sep 25, 2007

Serendipity ala Doc Searls

I love serendipity. Yesterday, as I was travelling on BART to attend the Digital ID World conference, I was listening to Steve Covey's book, "The Eighth Habit," on my iPod. He quoted the authors (incuding Doc Searls) of the "Cluetrain Manifesto" as he stressed the fact that all humans have choice, that they are not "things" to be exploited by the business practices of the Industrial Age.

The second keynote speaker of DIDW on Monday was none other than Doc Searls, addressing the topic "Managing the Decentralization of Identity." What did he stress? That people are not things to be "managed" by vendors.I really enjoyed statements Doc made, like (somewhat paraphrased):

  • "We are not seats or eyeballs or end users or consumers. We are human beings - and our reach exceeds your grasp. Deal with it."
  • "What does Identity have to do with Independence? Use it to build the opposite of a CRM prison. CRM is about customer control. It tends to dictate way customers can relate to the seller. It sees customers as data, not people."
  • "Facebook is a highly managed walled-garden. If their "confirm your friendship" process is so inane, how can they be trusted to be a universal Identity provider?"
  • "About advertising: Your attention is sold to the advertiser. We are the plankton that is fed to them."
  • "Markets are: conversations, transactions, relationships. Of these, relationships are key."
  • "VRM doesn't exist yet, but it will."
Thanks, Doc, for an informative, inspiring talk. Plus, you look dapper in a coat and tie!

Technorati Tags: , , , , ,

Monday Sep 24, 2007

Phil Becker: Third Wave of Digital Identity

As the first keynote speaker at Digital Identity World, Phil Becker proposed that we will soon enter a "Third wave of Digital Identity, driven by the demand for:

  • Promiscuous interconnectivity and user empowerment (self service)
  • Large scale, that reveals the need to modularize solutions and have interoperability standards
  • The need to interconnect and network Identity systems
He predicated that managing the decentralization of Identity would be a key part of this wave:
  • The natural state of Identity is decentralized
  • The concept that we can centralize identity data on any large scale has been found wanting
  • How can we manage and leverage identity while respecting its decentralized nature?
Phil further proposed that Identity Tomorrow will be characterized by two major trends:
  • Greatly increased networking between Identity Management domains
  • Emergence of compelling Identity based user experience driven applications

This trend towards Identity-based, user-experience-focused applications will be a realization of a trend that Phil explained earlier in the session, that we are in the midst of a transformation of the prevailing information security paradigm from "Keep out Unauthorized" to "Allow Access by Authorized." Reminds me of a blog I posted several months ago: "Use Identity Brakes to go Fast."

Technorati Tags: , , , ,

Blogging DIDW in Real Time

Good morning! I am sitting in the general session area for Digital ID World in San Francisco waiting for the event to start. I will post my observations and musings about this conference as it proceeds.

Technorati Tags: , , , ,


Discovering Identity was founded on in May 2005 as a means of documenting my exploration of the field of Identity and Access Management. In February, 2010, I switched to hosting the blog at In March 2012, I began posting Oracle-related information in both places.

Thanks for stopping by.

Please connect with me in cyberspace at LinkedIn or Twitter.

The views expressed on this blog are my own and do not necessarily reflect the views of my employer, Oracle Corporation, or any other person or organization.


« June 2016