News Archive


Oct 16, 2012: Identity in an API Economy

In an API Economy, everyone and everything has an API. That means 26 billion APIs by the year 2015. What is your organization doing to prepare for this fundamental shift in IT infrastructure? Join KuppingerCole's Distinguished Analyst Craig Burton and Layer 7 Technologies CTO Scott Morrison in this webinar to understand more about the API Economy and the role of Identity for your organization.


Sep 14, 2012: SAML is dead. Long Live SAML!

Is SAML a dead protocol or just a walking zombie ready to consume all enterprise brains? Or is it still alive and well, both in legacy systems and in the future? Attend this webinar to join the discussion with KuppingerCole's Distinguished Analyst Craig Burton about the health and well-being of the federated sign-on protocol of choice -- SAML.


Open Source IAM – is it right for you?

Open Source projects usually get short shrift from pundits and journalists. Open source Identity projects get even less shrift. (“Shrift”, by the way, has an interesting etymology, at least to those who wonder about where the words we use come from). Commercial vendors have whole staffs of flacks (Public Relations/Media Relations/Analyst Relations specialists) whose sole job is to be sure that I and those like me are aware of everything that’s happening with their products. There are company CEOs, CTOs, sales and marketing execs, product managers and others who spend a good deal of their...

Product Report

Product Report: Beta Systems Software AG - SAM Enterprise Identity Manager - 70273

The SAM Enterprise Identity Manager from Beta Systems Software AG (Beta Systems) falls into the category of enterprise provisioning systems with integrated Access Governance functionality. Its core functionality is the structured, automated and traceable synchronization of identity information between different access control systems on the basis of defined processes and connectors. As is usual with provisioning solutions, there are also functions for implementing workflows for request and approval procedures,...

Vendor Report

Vendor Report: Beta Systems - 70150

Beta Systems Software AG (Beta Systems) is a Berlin-based vendor of standard software products in the areas of IAM (Identity and Access Management), Access Governance, GRC (Governance, Risk Management, Compliance), Data Center Automation, Data Center Audit and Document Processing and Audit. The last-named area includes solutions for processing large volumes of data in data centers and for management and automation in data centers. This report concentrates on the Beta Systems products in the areas of IAM, Access...


Sep 27, 2012: Avoiding Risks in the Management of Privileged Identities

Complex organizational structures, legions of different target platforms and systems, combined with a large number of poorly documented legacy systems: managing privileged user accounts and the high information security risks arising from such accounts demands a great deal of attention, a deep understanding of the compliance requirements placed on your company, and above all flexible solutions. In this webinar you will get an overview of the different approaches to Privileged Identity Management and their...


Sep 19, 2012: BYOD, Social Networking, Cloud - Secure and Predictable

The integration of mobile devices, whether owned by the employee or by the company, the use of social media in the enterprise and the wide-ranging use of cloud applications: all of this has become everyday reality and confronts IT professionals in companies with new challenges every day. In this webinar, Martin Kuppinger, Principal Analyst at KuppingerCole, will talk about how enterprise IT can make it possible to reap the benefits of these trends without increasing the associated risks to your information security.

Executive View

Snapshot: Quest One Identity Manager Data Governance Edition - 70722

Over the past few years, companies have started investing in Access Governance to better manage access certification, access analytics, and access requests. However that is not sufficient. It is, though, a big step forward for organizations which have not only installed a piece of software but also implemented the required organization, guidelines, and processes...


XACML and the Externalization of Authorization: How to do it Right

KuppingerCole Webinar recording

Executive View

Snapshot: SAML Vulnerabilities - 70723

On August 10th, 2012, the University of Bochum (German Ruhr-Universität Bochum) published a research paper titled "On breaking SAML: Be whoever you want to be". In that paper the authors provide an analysis of potential security weaknesses in SAML. They analyzed 11 out of 14 major SAML frameworks. Eleven of these frameworks showed XML Signature wrapping (XSW) vulnerabilities. The authors of the research paper claim that attackers thus can take “whatever identity they want”...

Executive View

Snapshot: OAuth 2.0 - 70725

Recently Eran Hammer, one of the – until then – co-authors and editors of the OAuth 2.0 standard, which is currently being finalized by an IETF (Internet Engineering Task Force) working group, declared that he will withdraw his name from the specification of OAuth 2.0. He posted about this in his blog. In that blog he raised several concerns about OAuth 2.0, concluding that OAuth 2.0 is “more complex, less interoperable, less useful, more incomplete and most importantly, less secure” than OAuth 1.0. However he also states that “OAuth 2.0 at the hand...


The Honan Hack and the BYOI meme

By now you should have heard about the so-called “epic” hacking of the accounts of Wired journalist Mat Honan. Only those on vacation well out of civilization (i.e., no internet, no phones, no newspapers, no radio, no TV) could honestly say that the details weren’t available to them. Nevertheless, here’s a quick summary of what happened. Honan’s Twitter account was hacked. From this were discovered his Gmail account name and home address. Using the Gmail password recovery system, they discovered Mat’s backup email address was a .me account (.me is owned by Apple). They also discovered his...


Simplifying XACML – the Axiomatics ALFA plugin for Eclipse IDE

Axiomatics, a leading vendor in the market of Dynamic Authorization Management systems – sometimes called either Entitlement Management or Policy servers – has recently released a new tool called the ALFA plugin for Eclipse IDE. ALFA stands for “Axiomatics Language for Authorization”. With that tool Axiomatics allows developers to author XACML 3.0 policies in the widely used Eclipse environment using a syntax which is close to commonly used programming languages like Java or C#. This is a pretty nice tool which closes a gap around XACML development. Instead of having programmers creating...


The best product for IdM?

A recent discussion in the LinkedIn group “Identity Management Specialists Group” asked for the personal opinion about what is the best IdM product out there. Besides the fact that it listed only five products to choose from in a survey, this question, from my perspective, is the wrong question. If I just take the question, my answer would simply be: “None”. There is no “best product” in that market. There is only the product best suited to solve the customer’s problem. And by the way: What is IdM? OK, this is an abbreviation for “Identity Management”, which is better understood as Identity...


What will it mean when Windows operating systems reject encryption keys smaller than 1024 bit soon?

Microsoft will soon release an update to its current operating systems (Windows XP and higher; Windows Server 2003 and higher), which will block the use of cryptographic keys that are less than 1024 bits in length. This announcement was made quite a while ago, but most links go to a rather specialized place, the “Windows PKI blog”. And honestly, who besides some geeks are really reading such a blog? The consequence is that certificates with key lengths of 512 bits will be blocked, leading to error messages. These errors can occur when browsing the web, when trying to enroll certificates,...

Advisory Note

Scenario: The Future of Authentication - 70341

A number of significant trends are causing the authentication (AuthN) and authorization (AuthZ) architectures and technologies to significantly change. Cloud, mobile and Social computing combined (The Computing Troika) are causing an identity explosion that is requiring organizations to embrace and evangelize authenticated access to any resource by anyone from any device. At the same time, organizations are being required to address this more complex and demanding authentication environment with fewer resources and to do so more efficiently. In short, the traditional...


Preparing Your Enterprise for the Generation Y: BYOD & Mobile Device Management

KuppingerCole Webinar recording


Doing BYOD right – it’s all about information security

A recent article in Network World online had the title “For BYOD Best Practices, Secure Data, Not Devices”. I fully agree with that title. However when reading it I struggled somewhat with the solutions proposed therein, which were mainly about “mobile device virtualization” and MAM (Mobile Application Management) instead of classical MDM (Mobile Device Management). However, neither mobile device virtualization (we might call this MDV) nor MAM really are about securing data. OK, MAM as proposed by companies like Apperian at least also can protect the communication channel and the storage...
