"Geneva" Claims Based Access Platform
[http://www.microsoft.com/geneva]
"Geneva" helps simplify access to applications and other systems with an open and interoperable claims-based model. "Geneva" includes built-in interoperability via open industry standards and claims, and implements the industry Identity Metasystem vision for open and interoperable identity.
Amazon Community Content Search
[http://www.amazon.com/gp/community-content-search/]
Search Amazon for books on particular subjects people found interesting. This includes Listmania!
AuthenticationWorld.com
[http://www.authenticationworld.com/]
This website is meant to provide enterprise senior managers, IT and security management with a central resource on authentication. Here you can find everything from answers to general questions like "What is authentication?" to detailed implementation guidelines and recommendations on implementing single sign on, password management, biometrics, providing a layered identity authentication strategy, etc.
Authernative
[http://www.authernative.com/]
Founded in 2000, Authernative, Inc. is a software company developing, marketing and selling enterprise level security solutions. Authernative overcomes the security and identity management challenges necessary to facilitate e-commerce by providing Web access control solutions to mass users in a cost effective, easily deployable, and easy to use manner, without hardware devices.
Bandit Project
[http://www.bandit-project.org]
Bandit is a system of loosely-coupled components that provide consistent identity services and creates a community that organizes and standardizes identity-related technologies in an open way, promoting both interoperability and collaboration. The Bandit project was founded by Novell.
Beta Systems - Identity Management and Security Administration
[http://www2.betasystems.com/en/portfolio/securitymanagement/index.html]
Beta Systems offers Identity Management and Security Administration solutions that reduce user provisioning costs and greatly facilitate administration. We create transparency and increase security at corporate level.
bhold company
[http://www.bholdcompany.com/]
BHOLD COMPANY is the leading provider of Role Based Access Control (RBAC) software. Based on the only truly proven RBAC model in the world, the BHOLD SUITE of products provides enterprise wide control over the use of IT. With BHOLD's RBAC solutions, organizations improve their quality of IT-services, lower their cost of IT management, increase end-user productivity and meet regulatory requirements like Separation of Duties, Chinese Walls and discretionary access control.
Bridgestream - Business Roles Automation For Dynamic Enterprise
[http://www.bridgestream.com/]
Bridgestream is a leading provider of business roles automation solutions. Gartner named Bridgestream a "cool vendor" in the security and privacy space in 2005.
The Bridgestream SmartRoles software maps the business relationships that exist within a department, within a division and across the extended enterprise to provide fast, accurate and real-time information about role-based authorizations and changes.
Concordia - Liberty Alliance
[http://wiki.projectliberty.org/index.php/Concordia]
The Concordia Program is designed as an umbrella initiative to drive harmonization and interoperability of identity specifications and protocols. As expressed by the name (Roman goddess of agreement, understanding, and harmony), the goal of this group is to help drive the development of use-case scenarios where multiple identity specifications, standards and/or other initiatives might co-exist, recognizing heterogeneous deployment environments of the marketplace. Based on this open knowledge gathering process, the group recognizes that additional specifications, profiles and/or services may need to be defined.
Conor Cahill - Open Source
[http://www.cahillfamily.com/OpenSource/]
These toolkits implement the Liberty Alliance ID-WSF 1.0 and 2.0 protocols. The original code was developed by Conor Cahill while he was at AOL. AOL agreed to release the code under a BSD License. Intel Corporation, where Conor now works, has given permission to Conor to continue to develop and maintain the code on his own time and Conor continues to use a BSD license on the code.
Courion
[http://www.courion.com/]
Courion was founded in 1996 and introduced PasswordCourier®, the industry's first self-service password reset and password synchronization solution. Today, Courion provides enterprise-level provisioning solutions through its Enterprise Provisioning Suite to over 270 companies. Courion is a privately-held company headquartered in Framingham, Massachusetts, USA.
Credentica
[http://www.credentica.com/]
Credentica provides software solutions for enterprises with evolving needs in identity and access management. Our solutions enable organizations to electronically create, transfer, and verify assertions that they make about individuals and their devices.
Digital ID World
[http://www.digitalidworld.com/]
Digital Identity World is the hub of the digital identity industry, providing comprehensive news, exclusive interviews, market statistics and expert commentary on the people, companies, products and events shaping the digital identity space. Digital Identity World is dedicated to providing only the highest quality online industry resources, newsletters and community building conferences, events and tradeshows.
eTrust (CA) Identity and Access Management
[http://www3.ca.com/solutions/SubSolution.aspx?ID=4348]
eTrust Identity and Access Management solutions help your organization align its security management strategy with its business goals by: automatically managing who has access to which resources and services; logging and reporting what they have done; and enforcing business, privacy and security policies. CA has integrated the industry-leading solutions from Netegrity into the eTrust Identity and Access Management Solutions, so CA is now uniquely positioned to offer customers and partners integrated solutions to meet their business challenges.
Federated Identity Standards
[http://webservices.sys-con.com/read/46566.htm]
Federated identity and the standards surrounding it can be very confusing. From Liberty to WS-* to SAML and sea to shining sea, federation has become a bit of a tangle. This article will sort through some of the acronym jungle.
FIDIS (Future of Identity in the Information Society)
[http://www.fidis.net/]
The European Information Society (EIS) requires technologies which address trust and security yet also preserve the privacy of individuals. As the EIS develops, the increasingly digital representation of personal characteristics changes our ways of identifying individuals, and supplementary digital identities, so-called virtual identities, embodying concepts such as pseudonymity and anonymity, are being created for security, profit, convenience or even for fun. These new identities are feeding back into the world of social and business affairs, offering a mix of plural identities and challenging traditional notions of identity.
higgins trust framework project home
[http://www.eclipse.org/higgins/]
Higgins is a framework that will enable users and enterprises to integrate identity, profile, and relationship information across multiple systems. Using service adapters, existing and new systems such as directories, collaboration spaces, and communications technologies (e.g. Microsoft/IBM WS-*, LDAP, email, IM, etc.) can be plugged into the Higgins framework. Applications written to the Higgins API can virtually integrate the identity, profile, and relationship information across these heterogeneous systems. A design goal is that Higgins be useful in the development of applications accessed through browsers and rich clients. This project was founded by Novell with the coöperation of several major players in the market.
Homeland Security Privacy Office slams RFID technology
[http://www.gcn.com/online/vol1_no1/40808-1.html]
In this article you can read that the HSP Office is really paying attention to privacy and security related subjects. In the last few years we have seen an increase in new technologies that might compromise our privacy and security when not built or used properly. Consumers and even companies are not always fully aware of the potential dangers.
Identity Commons
[http://wiki.idcommons.net/]
The purpose of Identity Commons is to support, facilitate, and promote the creation of an open identity layer for the Internet, one that maximizes control, convenience, and privacy for the individual while encouraging the development of healthy, interoperable communities.
Identity Enabled B2B
[http://www.sun.com/b2b]
The Java B2B Suite provides an integrated B2B platform for automating trading partner management, transaction visibility, and full-cycle transaction auditing in both enterprise and extranet environments. It combines market-leading identity management with comprehensive B2B integration to securely manage and automate system-to-system communication among trading partners.
Identity Governance Framework
[http://www.oracle.com/goto/igf]
The Identity Governance Framework (IGF) is an open initiative to address governance of identity related information across enterprise IT systems. This initiative includes key initial draft specifications contributed by Oracle to the community. These specifications provide a common framework for defining usage policies, attribute requirements, and developer APIs pertaining to the use of identity related information. These enable businesses to ensure full documentation, control, and auditing regarding the use, storage, and propagation of identity-related data across systems and applications.
Identity Woman Blog
[http://www.kaliyasblogs.net/Iwoman/]
Identity Woman is available to advise companies seeking to understand the landscape of user-centric digital identity and how it fits in strategically with their existing or emerging businesses.
Infocard (WinFX)
[http://msdn.microsoft.com/winfx/reference/infocard/default.aspx]
"InfoCard" is the code name for a WinFX component that provides the consistent user experience required by the identity metasystem. It is specifically hardened against tampering and spoofing to protect the end user's digital identities and maintain end-user control.
Kim Cameron's Identity Weblog (www.identityblog.com)
[http://www.identityblog.com/]
Kim Cameron is Architect of Identity and Access in the Connected Systems Division at Microsoft, where he drives the evolution of Active Directory, Federation Services, Identity Integration Services, InfoCard and Microsoft's other Identity Metasystem products.
L-SEC (Leuven Security Excellence Consortium)
[http://www.l-sec.be/]
L-SEC provides a single point of entry to a unique geographic concentration of world-class e-security expertise and e-security professionals in Belgium. Formed in January 2002, it is an independent not-for-profit network organisation uniting all actors in the e-security value chain: users, hardware and software vendors, service and knowledge providers, experts in information technology law, research institutions and governmental organisations.
Liberty Alliance Project
[http://www.projectliberty.org]
The Liberty Alliance Project is an alliance of more than 150 companies, nonprofit and government organizations from around the globe. The consortium is committed to developing an open standard for federated network identity that supports all current and emerging network devices.
Microsoft Identity and Access Management Series
[http://www.microsoft.com/technet/security/topics/identitymanagement/idmanage/default.mspx?mfr=true]
This series of papers provides numerous identity and access management concepts, techniques, and solutions for use in heterogeneous IT environments. Identity and access management combines processes, technologies, and policies to manage digital identities and specify how they are used to access resources.
Microsoft Identity Integration Server 2003
[http://www.microsoft.com/windowsserversystem/miis2003/default.mspx]
Microsoft Identity Integration Server (MIIS) 2003 helps you synchronize identity information across a wide variety of identity stores, easily provision and de-provision accounts across systems, and enables self-service and helpdesk-initiated password management and reset from a Web browser to help you improve the efficiency of your organization and reduce operational costs.
Microsoft PKI Site
[http://www.microsoft.com/windowsserver2003/technologies/pki/default.mspx]
Microsoft Public Key Infrastructure (PKI) for Windows Server 2003 provides an integrated public key infrastructure that enables you to secure and exchange information with strong security and easy administration across the Internet, extranets, intranets, and applications.
Novell Security and Identity
[http://www.novell.com/solutions/securityandidentity/index.html]
Today's enterprises need to protect their IT infrastructures from information theft and comply with regulations while ensuring users' privacy. Novell's Identity & Access management software helps you secure your information assets without reducing operational effectiveness or compromising new opportunities. Novell can help you keep the bad guys out and let the good guys in without limiting your ability to do business in the real world.
OASIS Customer Information Quality (CIQ) TC
[http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=ciq]
The objective of the OASIS CIQ TC is to deliver a set of XML Specifications for defining, representing, interoperating and managing party information (including party relationships) that are truly open, vendor neutral, application independent and importantly "Global" (international).
OASIS Provisioning Services Technical Committee (PSTC)
[http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=provision]
The purpose of the OASIS Provisioning Services Technical Committee (PSTC) is to define an XML-based framework for exchanging user, resource, and service provisioning information. Among the standards developed is the Service Provisioning Markup Language (SPML).
OASIS Security Services (SAML) TC
[http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=security]
SAML, developed by the Security Services Technical Committee of OASIS, is an XML-based framework for communicating user authentication, entitlement, and attribute information. As its name suggests, SAML allows business entities to make assertions regarding the identity, attributes, and entitlements of a subject (an entity that is often a human user) to other entities, such as a partner company or another enterprise application.
OASIS Web Services Security (WSS) TC
[http://www.oasis-open.org/committees/wss/]
Delivering a technical foundation for implementing security functions such as integrity and confidentiality in messages implementing higher-level Web services applications.
Open Liberty - Project Aris
[http://openliberty.org/wiki/index.php/ProjectAris]
Project Aristotle is about creating a high-level general purpose application programming interface that enables application developers to access, update, and use Identity information in a privacy respectful, secure, and multi-protocol capable set of application program interfaces.
If you are a developer and finding the world of identity services just too complex, or you are about to decide to write your application as in its own "silo" so that you are insulated from the variability of a complex world; look no further! Project Aristotle is looking to solve your dilemma.
OpenGroup Identity Management Forum
[http://www.opengroup.org/idm/]
The Identity Management Forum focuses on promoting effective, open standards-based identity management, which allows the right information to reach the right people, and is a prerequisite for enabling Boundaryless Information Flow. The Forum members are active in a wide range of areas, from analyzing requirements to promoting best practices and education.
OpenID
[http://openid.net/]
This is a decentralized identity system, but one that's actually decentralized and doesn't entirely crumble if one company turns evil or goes out of business. An OpenID identity is just a URL. You can have multiple identities in the same way you can have multiple URLs. All OpenID does is provide a way to prove that you own a URL (identity). And it does this without passing around your password, your email address, or anything you don't want it to. There's no profile exchange component at all: your profile is your identity URL, but recipients of your identity can then learn more about you from any public, semantically interesting documents linked thereunder (FOAF, RSS, Atom, vCARD, etc.).
openLiberty
[http://www.openliberty.org/]
openLiberty.org was established to provide easy access to tools and information to jump start the development of more secure and privacy-respecting identity-based applications based on Liberty Federation and Liberty Web Services standards. From solutions that support a single identity-based transaction to enterprise and government systems requiring the highest degree of security and privacy protection, openLiberty.org will help you more easily build and deploy a wide range of new relying party (identity-consuming) applications.
OpenSAML
[http://www.opensaml.org/]
OpenSAML 1.1 is an open source toolkit for implementing solutions using the SAML 1.1 and 1.0 specifications. It is a production quality release available for Java (1.4+) and C++ applications.
OpenSAML 2.0 is in development, and will include support for the SAML 2.0 standard, as well as legacy support for SAML 1.1 and 1.0. The redesigned library includes a superset of the functionality in earlier versions, but will NOT be API-compatible with them.
OpenSPML
[http://www.openspml.org/]
A Web site dedicated to the promotion and distribution of an open source client code that supports the Service Provisioning Markup Language (SPML) developed by the OASIS Provisioning Services Technical Committee (PSTC).
Oracle Identity Management
[http://www.oracle.com/products/middleware/identity-management/identity-management.html]
Oracle Identity Management's best-in-class suite of IdM solutions delivers the industry's only hot-pluggable middleware, allowing enterprises to manage the end-to-end lifecycle of user identities across all enterprise resources both within and beyond the firewall. You can now deploy applications faster, apply the most granular protection to enterprise resources, automatically eliminate latent access privileges, and much more.
OSIS Working Group
[http://osis.netmesh.org/wiki/Main_Page]
The OSIS project brings together heads of open-source projects related to digital identity, in order to enable those projects to work independently, but aligned, so that overlap of work is avoided and the parts developed by different projects fit together, and to deliver an open-source identity selector as a joint effort of multiple projects, which is intended to be at least as functional as, and fully compatible with, Microsoft's CardSpace (formerly known as InfoCard) identity selector that will be shipped with Windows Vista.
Planet Identity
[http://planetidentity.org/]
Planet Identity is an aggregation of public weblogs related to Identity Management. The opinions expressed in those weblogs and hence this aggregation are those of the original authors.
Project ArisId
[http://www.openliberty.org/wiki/index.php/ProjectAris]
The ArisID API implements the CARML (Client Attribute Requirements Markup Language) and Privacy Constraints IGF specifications Liberty Alliance released earlier this year. ArisID demonstrates how CARML and Privacy Constraints policies may be used by developers to create declarative identity applications. The open source ArisID declarative approach defines what identity-enabled transactions can be performed to ensure applications only use identity information required to complete a transaction. This allows developers to build secure identity-enabled enterprise applications that are easily auditable and protect the personally identifiable information (PII), such as a social security number or credit information, of people engaging in enterprise identity-enabled transactions.
Ruminations on Identity
[http://bderidder.wordpress.com/]
My own blog about identity related topics, mostly focusing on the Internet identity meta system.
Sara Gates - From Here To Identity
[http://blogs.sun.com/saragates]
Sara Gates' blog on identity management, business, life and accelerating without fear. Sara Gates is vice president of identity management at Sun Microsystems and has overall responsibility for driving the Sun identity management vision, strategy and product line.
Securent - Entitlement Management
[http://www.securent.com/]
Securent Entitlement Management Solution (EMS) is a unique, scalable, enterprise-ready solution for achieving fine-grained or application specific role-based distributed entitlement.
SENA Systems
[http://www.senasystems.com/]
SENA's mission is to provide world class, independent Identity and Access Management consulting services utilizing the best people and practices. To cover the complete end-to-end I&AM life-cycle that assists our customers in successfully meeting their business drivers in a cost effective, secure and compliant manner.
Shibboleth
[http://shibboleth.internet2.edu/]
The Shibboleth software implements the OASIS SAML v1.1 specification, providing a federated Single-SignOn and attribute exchange framework. Shibboleth also provides extended privacy functionality allowing the browser user and their home site to control the Attribute information being released to each Service Provider.
SourceID - Open Source Federated Identity Management
[http://www.sourceid.org/]
SourceID's mission is to provide standards-based Open Source toolkits for Federated Identity Management. SourceID was founded in 2001 by Andre Durand, Bryan Field-Elliot, and a small group of commercial and open source developers, including Eric Norlin, David Waite, and Griffin Caruolo.
Sun Identity Insights eNewsletter
[http://www.sun.com/emrkt/campaign_docs/idmgmt/newsletter/]
Stay up to date on the latest trends and news about identity management.
Sun Identity Management Product Information
[http://www.sun.com/software/index.jsp?cat=Identity%20Management&tab=3]
Sun offers the core functions needed to use, share and manage identity information including directory services, access management, provisioning and federation. These solutions improve security, lower costs, and increase service levels.
Sun's Identity Management Solutions
[http://www.sun.com/software/products/identity/index.jsp]
Sun's comprehensive portfolio of identity management solutions can help you manage, protect, store, verify, and share identity data throughout the enterprise and across extranets.
Symlabs
[http://www.symlabs.com/]
Symlabs' Virtual Directory / LDAP proxy server and federation components integrate perfectly with Identity Management "ecosystems" from Sun, IBM, Novell, Oracle and Microsoft. We are "standards based" - supporting all major platforms and protocols. Our products are built for performance, making us the only choice for customers who demand speed and flexibility.
The Identity Gang
[http://www.identitygang.org/]
To support the ongoing conversation about what is needed for a user-centric identity "metasystem" that supports the whole marketplace, especially individuals. The community dialog takes place on the idworkshop@googlegroups.com mailing list.
The Open Group Identity Management Forum
[http://www.opengroup.org/idm/]
The Identity Management Forum focuses on promoting effective, open standards-based identity management, which allows the right information to reach the right people, and is a prerequisite for enabling Boundaryless Information Flow. The Forum members are active in a wide range of areas, from analyzing requirements to promoting best practices and education.
Vaau
[http://www.vaau.com/]
Vaau is singularly focused on delivering business value by enabling organizations to enforce internal security control policies and automate critical processes. We do this by offering a combination of award winning software and proven implementation methodologies to assist our customers in two areas: role management and identity compliance.
VELO (Safehaus)
[http://docs.safehaus.org/display/VELO/Home]
VELO is an Open Source Identity and Access Provisioning server.
Why isn't Europe suffering a wave of security breaches?
[http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9001176]
(Computerworld) Did you hear the one about the German company that had the big security breach? Probably not, because security breaches don't dominate the headlines in Die Welt, Le Monde or El Pais like they do in USA Today. Our national preoccupation with identity theft has no equivalent in the Old World. So what's the rub? Are Europeans that much better at privacy and security than we are?
XDI.ORG
[http://www.xdi.org/]
XDI.ORG is an international non-profit public trust organization governing open public XRI and XDI infrastructure. XRI (Extensible Resource Identifier) and XDI (XRI Data Interchange) are open standards for digital identity addressing and trusted data sharing developed at OASIS, the leading XML e-business standards body. XRI and XDI infrastructure enables individuals and organizations to establish persistent, privacy-protected Internet identities and form long-term, trusted peer-to-peer data sharing relationships.
[MSDN Article] Identity and Access Management
[http://msdn.microsoft.com/architecture/default.aspx?pull=/library/en-us/dnmaj/html/aj3identity.asp]
Fredrick Chong discusses the principles and benefits of Service Oriented Architecture (SOA), specifically as they relate to the technical challenges in identity and access management, and secondarily, to help the reader gain an understanding of the commonly encountered issues in identity management. (20 printed pages)
[MSDN Article] Security in a Web Services World: A Proposed Architecture and Roadmap
[http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnwssecur/html/securitywhitepaper.asp]
This document describes a proposed strategy for addressing security within a Web service environment. It defines a comprehensive Web service security model that supports, integrates and unifies several popular security models, mechanisms, and technologies (including both symmetric and public key technologies) in a way that enables a variety of systems to securely interoperate in a platform- and language-neutral manner. It also describes a set of specifications and scenarios that show how these specifications might be used together.
[Wikipedia] Extensible Resource Identifier
[http://en.wikipedia.org/wiki/Extensible_Resource_Identifier]
eXtensible Resource Identifier (abbreviated XRI) is a scheme and resolution protocol for abstract identifiers compatible with Uniform Resource Identifiers and Internationalized Resource Identifiers, developed by the XRI Technical Committee at OASIS. The goal of XRI is to provide a universal format for abstract, structured identifiers that are domain-, location-, application-, and transport-independent, so they can be shared across any number of domains, directories, and interaction protocols.