Tuesday Dec 22, 2009

IDM Buzz Podcast: ROA, OAuth, REST Services and OpenSSO

Last week I had the opportunity to record an IDM Buzz Podcast with Michael Cote of Redmonk and Jamie Nelson, Sun's Director of Engineering for OpenSSO.

In this episode we discuss the latest OpenSSO Express 9 launch and our new Fine-Grained Authorization (FGA) capabilities. We also explain why we chose a Resource Oriented Architecture when designing our FGA solution and did some therapy with Cote to help him deal with his exposure to a shaved, punk rock cat (we're hoping his health care covers the session).

Listen Now

Also, if you missed our webinar last week on the OpenSSO Fine-Grained Authorization capabilities check out the replay here. Enjoy!

Thursday Dec 17, 2009

Watch Webinar: Next Generation Fine Grained Access Control Using Open SSO

For those that missed it, below is the webinar we recorded yesterday on OpenSSO's new Fine-Grained Entitlement Enforcement capabilities. Enjoy! You can also read the press release here.

Wednesday Dec 09, 2009

OpenSSO Integrates with EJBCA, Enterprise Class PKI Certificate Authority

There's a couple of nice technical articles available that demonstrate how to integrate EJBCA and OpenSSO. EJBCA is an enterprise class PKI Certificate Authority built on J2EE technology. It is a robust, high performance, platform independent, flexible, and component based CA to be used stand-alone or integrated in other J2EE applications. EJBCA provides users with digital certificates for strong authentication and digital signatures. OpenSSO uses these credentials to provide single sign-on and authorization. Check out the articles.

Using OpenSSO To Protect Java EE Applications: Setting Up X.509 Client Authentication

Integrating EJBCA and OpenSSO (pdf)

Tuesday Dec 08, 2009

Next-Generation Fine-Grained Entitlement Enforcement Using OpenSSO

As we near the end of the year, Kuppinger Cole and Sun Microsystems will take an in-depth look at how you can externalize authorization using next-generation technology that scales! Analyst Felix Gaehtgens will review the market and provide insight into what's ahead, and Sun Chief Identity Strategist Daniel Raskin will share exciting news about how customers can use OpenSSO to implement a repeatable, scalable process for externalizing authorization.

Register Now for this free Webinar to learn more about:

\* What's happening in the market regarding externalized authorization
\* Key trends and priorities
\* Actions you should think about for 2010 and beyond
\* Fine-grained entitlement enforcement in OpenSSO Express 9

While other vendors offer fine-grained entitlement enforcement as a standalone solution, Sun's OpenSSO is the only solution to deliver access management, federation, secure Web services and now fine-grained entitlement enforcement — all in a single application.

Date: Wednesday, December 16, 2009
Time: 10:00 am PDT / 1:00 pm EDT / 19.00 CET (
check my timezone)
Duration: 1 hour
Speaker: Kuppinger Cole Analyst Felix Gaehtgens and Sun Chief Identity Strategist Daniel Raskin

OpenSSO & Layer 7: End-to-End Web Services Security

Last week I recorded a new Identity Buzz Podcast with K. Scott Morrison, Layer 7 CTO & Chief Architect. We discussed the Sun OpenSSO Enterprise / Layer 7 SecureSpan Gateway integration. The combined Sun / Layer 7 solution offers a powerful one-two punch when trying to conquer web services security.

Essentially, the solution allows you to deploy SecureSpan as a policy enforcement point and OpenSSO as a Policy Decision Point when abstracting and centralizing authentication and authorization for your company's web services. The SecureSpan Gateway is a nice complement to OpenSSO because it inserts an abstraction layer between the web service requesters and web service endpoints in order to govern and secure their transactions. Rather than having to deploy a local agent to protect every web service you can implement a gateway that acts as a broker to all your services.

To learn more about this integration listen to our latest Identity Buzz Podcast on the topic.

Listen Now

You can also subscribe to the feed and get episodes automatically. Here’s the iTunes friendly link and the Feedburner feed. There is also a nice article describing the integration on the Sun Developer Network titled "Delegating XML Gateway Runtime Authorization to OpenSSO." Enjoy!

Wednesday Dec 02, 2009

Sun Identity Management Suite Partner Integrations

Sun prides itself on the breadth and depth of it's Sun Identity Management Suite partner integrations. We work hard to make sure that customers can integrate our products with all kinds of popular 3rd party solutions. This not only helps extend the breadth of capabilities you can deploy with your Sun Identity Management infrastructure, but also lowers the development cost of integrating our offerings with partner offerings to create a best-of-breed solution. We have hundreds of partnerships with strategic consulting providers, delivery specialty partners and ISV partners. Below are a set of new solution briefs we made available for a few of our popular ISV partners. Enjoy!

Risk-based and multifactor authentication provides supplementary identity protection for applications secured by Sun OpenSSO Enterprise. Delivered on-premise or as Arcot-hosted service. ArcotID software credential provides transparent two-factor protection.
Solution Brief

BrinQa offers a comprehensive Governance, Risk & Compliance platform that provides the flexibility of a web application and the robustness of a solid framework. The products offer Fortune 2000 companies a complete solution that brings the separate functions of G-R-C together for a holistic view of Information Risk. In addition, our out-of-the-box applications target the most critical business needs in the ITGRC market today.
Solution Brief

Cyber-Ark's Privileged Identity Management (PIM) Suite is an enterprise-class, full life-cycle solution for securing, managing, automatically changing and monitoring all activities associated with privileged accounts. This includes the Root account on UNIX/Linux, Administrator in Windows, Cisco Enable, Oracle systems/sys, MSSQL SA, SAP Application Server and many more such as Emergency or 'Firecall' IDs.
Solution Brief

Intellitactics solutions provide cost-effective choices for all organizations. Whether the focus is -- Compliance, Proactive threat management to protect information assets, Defending the enterprise against ingenious attacks or malicious insiders. These solutions enable every organization to reap the benefits of actionable visibility to IT risk relevant information and risk events.
Solution Brief

Passlogix offers enterprise single sign-on combined with Sun Identity Manager and Sun OpenSSO Enterprise to allow system administrators to directly distribute user credentials (usernames and passwords) for all enterprise applications (Web and non-Web).
Solution Brief


Read my extraordinary thoughts about the world of identity and access management. As an identity child prodigy, I have much to say about these subjects.


« December 2009 »