Modern IAM Trends and Themes by Eve Maler, Forrester
Keynote presented by Eve Maler, Principal Analyst, Forrester, Co-creator XML, Principal SAML Development Team

Published in: Technology
Transcript

  • 1. Making Leaders Successful Every Day
  • 2. Trends, Transients, Tropes, and Transparents. Eve Maler, Principal Analyst, Security & Risk. ForgeRock Open Identity Stack Summit, October 15, 2013
  • 3. What are the T4 all about? Transparents, Trends, Tropes, Transients. What are they? What is the evidence? What should you do about them? [Quadrant figure; axes: "Closer to truthiness" to "Closer to essential truth", and "Less well noticed" to "Well noticed"] © 2012 Forrester Research, Inc. Reproduction Prohibited
  • 4. Trend: webdevification of IT. IN THE FUTURE, EVERY ENTERPRISE WILL OPEN AN API CHANNEL TO ITS DIGITAL PLATFORM. Source: John Musser (formerly) of ProgrammableWeb.com
  • 5. Confront the changes in your power relationship. ACCESS CONTROL IS ABOUT PROTECTION AND MONETIZATION. [Figure labels: friction, value; X, Y]
  • 6. A lot of identities float around an API ecosystem. Source: April 5, 2013 Forrester report “API Management For Security Pros”
  • 7. Open Web APIs are, fortunately, friendly to the Zero Trust model of security. Initially treat all access requesters as untrusted. Require opt-in access. Apply identity federation through APIs. Source: November 15, 2012, Forrester report “No More Chewy Centers: Introducing The Zero Trust Model Of Information Security”
  • 8. Trend: IAM x cloud. ZERO TRUST CALLS FOR DISTRIBUTED SINGLE SOURCES OF TRUTH. Options shown: provision just in time through SSO; synchronize accounts periodically; bind to a user store and replay credentials; issue and manage a disconnected account. [Figure annotation: "Prefer these choices when crossing domains"]
  • 9. Identity plays only an infrastructural role in most cloud platforms. DISRUPTION IS COMING FROM THE CLOUD IDENTITY SERVICES DARK HORSES. [Figure labels: cloud identity product with an actual SKU; IAM functions; user base and attributes; cloud services]
  • 10. Transient: XACML. XACML 3 IS STUCK AT MODERATE SUCCESS AND IS HEADING FOR DECLINE. Adoption has government/compliance drivers, few accelerators, and many inhibitors. It’s critical to open up the market for long-tail policy evaluation engines. Webdevified and mobile-friendly scenarios demand different patterns of outsourced authorization.
  • 11. Authz grain needs to get…finer-grained. [Figure labels: field-level entitlements; XACML etc.; scope-grained authz; WAM. Policy input: roles, groups, attributes. Resource accessed: domain, URL path, sets of API calls, field]
  • 12. Plan for a new “Venn” of access control. AN “XACML LITE” WOULD HAVE A POTENTIALLY VALUABLE ROLE TO PLAY
  • 13. Trope: “Passwords are dead”. OH, YEAH? correct horse battery staple
  • 14. We struggle to maximize authentication quality, PARTICULARLY IN CONSUMER-FACING SERVICES. Source: June 12, 20113 “Introducing The Customer Authentication Assessment Framework” Forrester report
  • 15. Authentication schemes have different characteristics. [Figure] *S2 is an affordance of passwords for “consensual impersonation”. Source: June 12, 20113 “Introducing The Customer Authentication Assessment Framework” Forrester report, based on “The Quest to Replace Passwords: A Framework for Comparative Evaluation of Web Authentication Schemes”
  • 16. Think in terms of “responsive design” for authentication. LEVERAGE STRENGTHS AND MITIGATE RISKS – ONCE YOU KNOW THEM. User identification based on something they… Know; Do; Have; Are
  • 17. Transparent: time-to-live strategies. EXPIRATION HAS OUTSIZED VALUE VS. EXPLICIT REVOCATION OF ACCESS IN ZERO-TRUST ENVIRONMENTS
  • 18. Summary of the T4. Transparent: Time-to-live strategies. Trends: Webdevification of IT; Cloud x IAM. Trope: “Passwords are dead”. Transient: XACML. [Quadrant figure; axes: "Closer to truthiness" to "Closer to essential truth", and "Less well noticed" to "Well noticed"]
  • 19. Thank you. Eve Maler, +1 617.613.8820, emaler@forrester.com, @xmlgrrl
