News Archive


Jul 04, 2008: Kuppinger Cole Unified Communications Market Report

Unified Communications (UC), also die Integration von Kommunikation und Unternehmensanwendungen, ist nicht unbedingt neu; Anbieter wie beispielsweise Siemens bewegen sich seit vielen Jahren in diesem Marktsegment. Doch ist in den vergangenen Monaten einiges an Bewegung in diesen Markt gekommen, nicht zuletzt weil die Unternehmen durch die Umsetzung ihrer Identity Management Strategie überhaupt erst in die Lage versetzt wurden, die Vorteile von UC wirksam zu netzen. Martin Kuppinger stellt in diesem Webinar den Kuppinger Cole Unified Communications Market Report vor und führt dabei in die...


CardSpace Business Cards - PKI 2.0?

As the Gurus of User-Centric ID Management have discussed here and here, the idea of using CardSpace and special "Managed Cards", issued through the use of the Microsoft Acrtive Directory, InfoCards could actually become sort of an authentication token not only for your self, but for you being am employee of said issuer of the respective InfoCard. As managed Infocards are designed to be used as sort of community/customer ID, why not use it to verify if somebody IS actually working for the company he claims to work for. Impersonation still is a threat today. I experienced this during the...


Security is when no one can access the network

I’ve been talking with Felix Gaehtgens, who attended the RSA Conference this spring in San Francisco. Besides discussing the news from different vendors we came to another topic. Felix asked me whether I know Bruce Schneier, definitely one of world’s leading security experts. For sure I know him – not personally, but from his publications. Felix than stated that even Bruce Schneier had been seen at the WLAN helpdesk of the RSA Conference – and Felix conceded that he hadn’t managed to access that WLAN. My comment on this: “I also didn’t manage to access the WLAN of...


First Analysis of Microsoft ILM 2

Some days ago, Microsoft announced at its Tech-Ed conference for IT professionals the start of the beta program for its Identity Lifecycle Manager (ILM) Version 2 beta 3. The current version is called “ILM 2007”, and ILM 2 is touted as a significant enhancement. ILM 2 is Microsoft’s most recent addition to its identity management portfolio. Although general availability is not expected until the first quarter of 2009, this announcement was given significant exposure, and the Tech-Ed conference had many events scheduled around ILM 2. Microsoft is a leading player in the user centric identity...


Information Cards going public...

Yes, I know – Information Cards (or Infocards) and their incarnation in Microsoft Windows CardSpace have been around for a while. But it was mainly the inner circle of Identity Management (and especially of user-centric Identity Management) who was really aware of this. With the recent announcement of the Information Card Foundation (ICF), Microsoft and others are trying to improve the visibility of Information Cards as a core element of Identity Management in the so called cloud. There has been some discussion around the announcement in blogs and forums in the Internet. One of the most...

Vendor Report

Microsoft Vendor Report

Microsoft entered the market of Identity Management providers very late and at this stage adapted its portfolio of in-house tools for user account administration and access privileges to the challenges of managing customers' heterogeneous IT infrastructures. Since the strategists in Redmond realized the importance of an opening for third parties, Microsoft has been working at full speed on a further development and expansion of its Identity Management solutions, even though the Active Directory always takes centre stage. However, this focus is consistent with Microsoft's strategy.


Project Concordia shows important step in Federation Interoperability

At the RSA conference in San Francisco 2008 in the second week of April, several vendors demonstrated new interoperability between previously incompatible federation protocols. Through Project Concordia, a new project co-sponsored by the Liberty Alliance and several other vendors, several profiles were shown that showed seamless integration of SAML, WS-Federation and CardSpace. This demonstration is significant, because it shows that vendors, especially Microsoft, are bowing to increased pressure from customers to focus on interoperability. It also highlights the challenges that are still...


RedHat acquires Identyx

As I write this, Red Hat is announcing the acquisition of Identyx, a software company that specialises in open source identity management software. Identyx's sells fully supported versions of Penrose, a virtual directory and Velo, an open provisioning solution. Both products are based on open source projects hosted at, which was started up by Jim Yang and Alex Karasulu, best known as being a major driver behind the Apache Directory Server project. Identyx business model is typical for open source software providers: a stable, official release from Identyx, priced on basis of a...


The secret leader in context-based authentication and authorization?

Context-based authentication and authorization is one of the topics which have the potenzial to become the next hype. I've posted twice on this subject, here and here and we had, led by Dave Kearns, a lot of discussions around this at our EIC 2008. I'm convinced that the topic will become even more important at next year's EIC. Besides the ones which are obvious players in that future market segment like the risk-based authentication vendors (Arcot, Entrust, Oracle, RSA and some others) there are some other categories of vendors which offer even today at least some context-based...


Shouldn't there be a common understanding of the term "service"?

These days I've read some entries in the Beteo blog, a blog provided by a swiss software and consulting company which is somewhere in between SOA and BSM - or BTO, the term they tend to use due to some affinity to HP. The interesting thing is that Beteo not only claims but proves that Service Management principles and tools which are commonly used more in the IT Infrastructure Management can be applied to the field of Software Change Management as well. Beteo, a company I'm in contact with since they've been founded (and I have been in contact even with their predecessor), uses this concept...


Nov 18 - 19, 2008: Governance, Risk Management & Compliance (GRC) Forum 2008

Je komplexer die IT-Infrastruktur, desto angreifbarer ist sie und desto höher die Aufwände (und Kosten) für Compliance. Für die erfolgreiche Einführung einer unternehmensweiten GRC-Plattform ist es deshalb von entscheidender Bedeutung, einerseits deren Fundament in Form einer zukunftsorientierten Identity Management Strategie darauf auszulegen, aussagekräftige Informationen zur Verfügung zu stellen, und andererseits durch einen Risk-orientierten Compliance-Ansatz die Kunst der Beschränkung auf das Wesentliche zu üben. Die Kuppinger Cole Governance, Risk Management & Compliance (GRC)...


Quest: Two new tools for SSO

Quest is providing more and more tools in the Identity Management space. That is no surprise, given the fact that Jackson Shaw is Senior Product Manager at Quest. Jackson Shaw has been at Zoomit and Microsoft before, thus being one of the “inventors” of Microsoft’s MIIS. During March 2008 Quest has not only announced a more and more complete portfolio of Identity Management tools, all positioned around the Windows platform. Quest has also announced the acquisition of one Single Sign-On solution with PassGo and a partnership with another Single Sign-On vendor, namely Evidian. The...


Yubikey - New Hardware for Strong Authentication

Recently I came across YubiKey, which is a hardware token generator from a young Swedisch comapny called Yubico. YubiKey is a small and slim USB device with just one button. If you push it, the device produces a 1-time password and sends it to the server. Compared to token generators in card format, you don't need to manually enter your 1-time password anymore through a computer keyboard, which makes YubiKey unreachable for trojans directly listening to keyboard entries. One more remarkable thing is, that Yubico offer an identity platform for their device, which already contains an OpenID...


CardSpace "hacked"?

I'm definately amongst the last ones to join the crowd blaming German Universities to lag behind international standards with regards to their educational program, especially in the fields of technology and computer sciences. But reading this press release, issued by the Faculty of Network and Data Security at University Bochum (sorry, the English version of their website seems to not work), makes me think. The press release says, that two students of said faculty "broke" Microsoft's CardSpace through some kind of man-in-the-middle-attack, where they took over an existing session between...


GRC and IAM - you can't separate it

At EIC 2008 I've presented our view on the relationship of GRC and IAM as well as our definition of the GRC market, the core results of our GRC market report 2008. Basically, the generic GRC tools we see emerging in the market are becoming more and more the business layer above the classical core IAM tools, e.g. provisioning, self service and some other feature areas. I've been talking with a lot of users within the last few weeks. And what I've learned has proven that statement. The most important driver for IAM projects today is the need for defined, auditable processes around user and...


Is GRC something different in Europe than it is in the US?

Today I listened to a podcast where Kevin Cunningham and Darran Rolls from Sailpoint Software talk in an interview with Jackie Gilbert about their impressions they brought back home from EIC 2008. Besides describing EIC as an event not to miss next year (thanks!), they compare the US and European identity management markets and agree that there are more similarities than differences when it comes to GRC. Yes, compliance requirements are increasing everywhere in the world and SOX is not the only framework responsible for this increase. I think it was Kevin who mentionned one important...


Identyx and Symlabs release new versions of Virtual Directory

In the first half of April, two vendors of virtual directory products have announced new major version of their software. Identyx, based in Austin, Texas, announced the availability of version 2 of the Penrose Virtual Directory. Symlabs, based in Lisbon, Portugal, announced version 4 of the Symlabs Virtual Directory Server and the Symlabs LDAP Proxy Server. Identyx now offers a NIS (Sun's Network Information Service, formerly known as "yellow pages") to LDAP bridge that will facilitate an organisation’s move from NIS to LDAP directory services. According to Jim Yang, some...


An Interview with Eckhard Völcker, CEO Völcker Informatik AG

An Interview with Eckhard Völcker, CEO Völcker Informatik AG Identity Management can't be done segregated KCP: How should such a service portfolio look like? Can I just base it on ITIL?Mr. Völcker: It goes beyond ITIL, which is focused on the core services of IT infrastructures. ITIL mainly provides processes for a service portfolio. To define such a portfolio, we use an approach of clusters, for example for services around accounts and roles, for software and hardware services - e.g. asset management - for mobile devices and for the supply of services itself.KCP: And you support...


Welcome to KuppingerCole

How can we help you

Send an inquiry

+49 211 237 077 33

Mo – Fr 8:00 – 17:00

Stay Connected


AI for the Future of Your Business Learn more

AI for the Future of Your Business

AI for the Future of your Business: Effective, Safe, Secure & Ethical Everything we admire, love, need to survive, and that brings us further in creating a better future with a human face is and will be a result of intelligence. Synthesizing and amplifying our human intelligence have therefore the potential of leading us into a new era of prosperity like we have not seen before, if we succeed keeping AI Safe, Secure and Ethical. Since the very beginning of industrialization, and even before, we have been striving at structuring our work in a way that it becomes accessible for [...]