Making Leaders Successful
Every Day
Trends, Transients, Tropes, and Transparents
Eve Maler, Principal Analyst, Security & Risk
Cloud Identity Summit
July 10, 2013
© 2012 Forrester Research, Inc. Reproduction Prohibited
What are the T4 all about?
Less well noticed / Well noticed
Transparents
Transients
Trends
Tropes
Closer to truthiness / Closer to essential truth
•  What are they?
•  What is the evidence?
•  What should you do about them?
Trend: webdevification of IT
Source: John Musser (formerly) of ProgrammableWeb.com
IN THE FUTURE, EVERY ENTERPRISE WILL OPEN AN API CHANNEL TO ITS DIGITAL PLATFORM
Confront the changes in your power relationship
value X
friction Y
ACCESS CONTROL IS ABOUT PROTECTION AND MONETIZATION
Source: April 5, 2013 Forrester report “API Management For Security Pros”
A lot of identities float around an API ecosystem
Open Web APIs are, fortunately, friendly to the Zero Trust security model
Initially treat all access requesters as untrusted. Require opt-in access. Apply identity federation through APIs.
Source: November 15, 2012, Forrester report “No More Chewy Centers: Introducing The Zero Trust Model Of Information Security”
Trend: IAM x cloud
ZERO TRUST CALLS FOR DISTRIBUTED SINGLE SOURCES OF TRUTH
•  Federate at run time
•  Bind to authn repository
•  Synch accounts
•  Issue an unrelated account
Identity plays only an infrastructural role in most cloud platforms
cloud services
IAM functions user base and attributes
cloud identity product with an actual SKU
KEEP AN EYE OUT FOR DISRUPTION COMING FROM THE “CISDH” PLAYERS
Transient: XACML
•  Adoption has government/compliance drivers, few accelerators, and many inhibitors
•  It’s critical to open up the market for long-tail policy evaluation engines
•  Webdevified scenarios demand different patterns of outsourced authorization
XACML 3 IS STUCK AT MODERATE SUCCESS AND IS HEADING FOR DECLINE
Authz grain needs to get…finer-grained
[Diagram labels: policy input; resource accessed; roles; groups; attributes; entitlements; domain; URL path; sets of API calls; field; XACML; etc.; scope-grained authz; WAM]
Plan for a new “Venn” of access control
AN “XACML LITE” WOULD HAVE A POTENTIALLY VALUABLE ROLE TO PLAY
Trope: “Passwords are dead”
OH, YEAH?
correct horse battery staple
We struggle to maximize authentication quality
Source: June 12, 2013 “Introducing The Customer Authentication Assessment Framework” Forrester report
PARTICULARLY IN CONSUMER-FACING SERVICES
Authentication schemes have different characteristics
Source: June 12, 2013 “Introducing The Customer Authentication Assessment Framework” Forrester report, based on “The Quest to Replace Passwords: A Framework for Comparative Evaluation of Web Authentication Schemes”
*S2 is an affordance of passwords for “consensual impersonation”
Think in terms of “responsive design” for authentication
LEVERAGE STRENGTHS AND MITIGATE RISKS – ONCE YOU KNOW THEM
User identification based on something they…
•  Know
•  Have
•  Are
•  Do
Transparent: time-to-live strategies
EXPIRATION HAS OUTSIZED VALUE VS. EXPLICIT REVOCATION OF ACCESS IN ZERO-TRUST ENVIRONMENTS
Summary of the T4
Less well noticed / Well noticed
Transparent: Time-to-live strategies
Transient: XACML
Trends: Webdevification of IT; Cloud x IAM
Trope: “Passwords are dead”
Closer to truthiness / Closer to essential truth
Thank you
Eve Maler
+1 617.613.8820
emaler@forrester.com
@xmlgrrl

CIS13: Identity Trends and Transients

  • 2. Trends, Transients, Tropes, and Transparents. Eve Maler, Principal Analyst, Security & Risk. Cloud Identity Summit, July 10, 2013
  • 3. © 2012 Forrester Research, Inc. Reproduction Prohibited. What are the T4 all about? Less well noticed / Well noticed; Closer to truthiness / Closer to essential truth. Transparents, Transients, Trends, Tropes. What are they? What is the evidence? What should you do about them?
  • 4. Trend: webdevification of IT. Source: John Musser (formerly) of ProgrammableWeb.com. IN THE FUTURE, EVERY ENTERPRISE WILL OPEN AN API CHANNEL TO ITS DIGITAL PLATFORM
  • 5. Confront the changes in your power relationship. value X / friction Y. ACCESS CONTROL IS ABOUT PROTECTION AND MONETIZATION
  • 6. A lot of identities float around an API ecosystem. Source: April 5, 2013 Forrester report “API Management For Security Pros”
  • 7. Open Web APIs are, fortunately, friendly to the Zero Trust security model. Initially treat all access requesters as untrusted. Require opt-in access. Apply identity federation through APIs. Source: November 15, 2012, Forrester report “No More Chewy Centers: Introducing The Zero Trust Model Of Information Security”
  • 8. Trend: IAM x cloud. ZERO TRUST CALLS FOR DISTRIBUTED SINGLE SOURCES OF TRUTH. Federate at run time; Bind to authn repository; Synch accounts; Issue an unrelated account
  • 9. Identity plays only an infrastructural role in most cloud platforms. cloud services; IAM functions; user base and attributes; cloud identity product with an actual SKU. KEEP AN EYE OUT FOR DISRUPTION COMING FROM THE “CISDH” PLAYERS
  • 10. Transient: XACML. Adoption has government/compliance drivers, few accelerators, and many inhibitors. It’s critical to open up the market for long-tail policy evaluation engines. Webdevified scenarios demand different patterns of outsourced authorization. XACML 3 IS STUCK AT MODERATE SUCCESS AND IS HEADING FOR DECLINE
  • 11. Authz grain needs to get…finer-grained. policy input; resource accessed; roles; groups; attributes; entitlements; domain; URL path; sets of API calls; field; XACML etc.; scope-grained authz; WAM
  • 12. Plan for a new “Venn” of access control. AN “XACML LITE” WOULD HAVE A POTENTIALLY VALUABLE ROLE TO PLAY
  • 13. Trope: “Passwords are dead”. OH, YEAH? correct horse battery staple
  • 14. We struggle to maximize authentication quality. PARTICULARLY IN CONSUMER-FACING SERVICES. Source: June 12, 2013 Forrester report “Introducing The Customer Authentication Assessment Framework”
  • 15. Authentication schemes have different characteristics. Source: June 12, 2013 Forrester report “Introducing The Customer Authentication Assessment Framework”, based on “The Quest to Replace Passwords: A Framework for Comparative Evaluation of Web Authentication Schemes”. [Comparison grid of ✔/✘ ratings per scheme; row and column labels not recoverable.] *S2 is an affordance of passwords for “consensual impersonation”
  • 16. Think in terms of “responsive design” for authentication. LEVERAGE STRENGTHS AND MITIGATE RISKS – ONCE YOU KNOW THEM. User identification based on something they… Know; Have; Are; Do
  • 17. Transparent: time-to-live strategies. EXPIRATION HAS OUTSIZED VALUE VS. EXPLICIT REVOCATION OF ACCESS IN ZERO-TRUST ENVIRONMENTS
  • 18. Summary of the T4. Less well noticed / Well noticed; Closer to truthiness / Closer to essential truth. Transparent: Time-to-live strategies. Transient: XACML. Trends: Webdevification of IT; Cloud x IAM. Trope: “Passwords are dead”
  • 19. Thank you Eve Maler +1 617.613.8820 emaler@forrester.com @xmlgrrl