Access and Identity

Webcast

IAM and GRC Market Today and 2009

What We Have Observed This Year and What We Expect for 2009

Webcast

Reducing Authentication & Authorization Risks in Today´s Open Flexible Business Environments

Kuppinger Cole Webinar recording

Blog

GRC platforms - more than IAM

GRC (Governance, Risk Management, Compliance) is frequently reduced to IAM (Identity and Access Management) or, in best case, to a more business-centric layer on top of IAM infrastructures. In our research and publications around GRC we've pointed out that GRC platforms will have to go well…

Webinar

Jan 20, 2009: Entitlement Management - Business and Technical Perspectives

The question on how to control and secure access to resources has become an even more critical topic, as monolithic applications more and more become legacy and service oriented architectures (SOA) are taking over the regime. In this webinar we will give an overview of the emerging field of…

Webinar

Dec 18, 2008: IAM and GRC Market Today and 2009 – What we have Observed this Year and what we Expect for 2009

The final Kuppinger Cole Webinar in 2008 will provide a conclusion of what we have observed in our research during 2008 - trends, interesting vendors and concepts, emerging standards, remarkable best practices. Based on this, we will also talk about our view on what we expect to happen in 2009.

Blog

Creating Authentication Strategies

Joining a special "reality" session was the best choice I made while attending IIW. Not only was this a wonderful opportunity to compare our KuppingerCole approach to providing insight and second opinion on the exact topic, but getting a deeper understanding of how to analyse and structure…

Blog

Who should be in charge of IAM?

This morning, I had two conversations on the question about who should be in charge of IAM in an organization. Afterwards, I run through my records and did some analysis. The main question: Which role do the IAM and GRC responsibles have in their organizations? I for sure only did a sample…

Blog

Access or Identity? Or Authorization? Or Entitlements?

Recently, I had several discussions around terms like Access Management, Authorization, and Entitlements. And I thought about what is in the center – is it the identity or is it access management? Some weeks ago I mentioned in my blog that Hassan Maad, COO of Evidian, has stated that, from…

Blog

Sun's new Access Manager is now OpenSSO Enterprise

Two months after unveiling the new strategy for its OpenSSO platform, Sun releases the next version of Access Manager. In keeping with Sun traditions, it's time for another product renaming exercise - from now on Access Manager will be known as OpenSSO Enterprise, and this version will…

Blog

Trend Report IAM and GRC 2009-2019

Investments in IAM and GRC have to solve current needs - but what about the future? With IAM and GRC building the cornerstones of a holistic security infrastructure, decisions within these areas are fundamentally influencing corporate IT and therefore should remain valid beyond a scope of…

Advisory Note

Trend Report IAM and GRC 2009-2019

Webinar

Oct 02, 2008: Kuppinger Cole Trend Report IAM and GRC 2009-2019

During this webinar, Martin Kuppinger will present the key results of the Kuppinger Cole Trend Report IAM and GRC 2009-2019.

Product Report

Product Report: Symlabs Virtual Directory and LDAP Proxy

Symlabs has launched version 4.0 of its "Virtual Directory Server" and "LDAP Proxy" products in April 2008. Both products are essentially the same code base, but differ in bundled functionality. The LDAP Proxy offers load-balancing, routing and fail-over of directory…

Blog

Motion in the authentication market

With today's completion of the takeover of the SafeWord product family of Secure Computing by Aladdin, a new mobility has entered the dynamic market for strong authentication mechanisms, which has already been expanding in the past three to four years The market had already clearly profited…

Blog

Federation: The actual challenges become visible

The concept of Identity Federation slowly begins to establish itself, whether in Back-End with “classical” approaches or in the form of the user-centric Identity Management. The challenges are also shifted through this. It is no longer about long-discussed topics like standards or also the…

Blog

Sun unveils new models for OpenSSO

Sun has just announced a revamp of its business model around its access management products. Previously, Sun had maintained its Access Manager product as the official commercial release available for customers who wanted a stable product with support. In parallel, OpenSSO was the development…

Blog

Project Concordia shows important step in Federation Interoperability

At the RSA conference in San Francisco 2008 in the second week of April, several vendors demonstrated new interoperability between previously incompatible federation protocols. Through Project Concordia, a new project co-sponsored by the Liberty Alliance and several other vendors, several…

Blog

The secret leader in context-based authentication and authorization?

Context-based authentication and authorization is one of the topics which have the potenzial to become the next hype. I've posted twice on this subject, here and here and we had, led by Dave Kearns, a lot of discussions around this at our EIC 2008. I'm convinced that the topic will become…

Blog

Quest: Two new tools for SSO

Quest is providing more and more tools in the Identity Management space. That is no surprise, given the fact that Jackson Shaw is Senior Product Manager at Quest. Jackson Shaw has been at Zoomit and Microsoft before, thus being one of the “inventors” of Microsoft’s MIIS. During March…

Blog

Yubikey - New Hardware for Strong Authentication

Recently I came across YubiKey, which is a hardware token generator from a young Swedisch comapny called Yubico. YubiKey is a small and slim USB device with just one button. If you push it, the device produces a 1-time password and sends it to the server. Compared to token generators in card…

Blog

GRC and IAM - you can't separate it

At EIC 2008 I've presented our view on the relationship of GRC and IAM as well as our definition of the GRC market, the core results of our GRC market report 2008. Basically, the generic GRC tools we see emerging in the market are becoming more and more the business layer above the classical…

Blog

Identyx and Symlabs release new versions of Virtual Directory

In the first half of April, two vendors of virtual directory products have announced new major version of their software. Identyx, based in Austin, Texas, announced the availability of version 2 of the Penrose Virtual Directory. Symlabs, based in Lisbon, Portugal, announced version 4 of the…

Blog

Siemens DirX - back in the IAM market...

Some time ago, as a result of some of the fundamental reorganizations Siemens had to do within the last two years ago, the department responsible for the DirX solutions has been moved into the healthcare unit of Siemens. That was a somewhat unusual place for an identity management product…

Blog

Federation and auto-provisioning

Ping Identity recently announced the availability of Version 5.1 of Ping Federate in their blog. What caught my attention was that Ping has now also finally added a feature I (and others) call "auto-provisioning" or "federated provisioning". In federated environments, when users from other…

Advisory Note

Trend Report: IAM und SOA 2008

Eine gemeinsame Studie von KCP und Ernst & Young AG Wirtschaftsprüfungsgesellschaft Steuerberatungsgesellschaft Deutschland

Advisory Note

Trend Report SSO 2008

Single Sign-On (SSO) ist eines der wichtigsten Felder im Identity Management. Durch eine vereinheitlichte Authentifizierung können eine Reihe von Business-Values erreicht werden, darunter reduzierte Risiken für Sicherheit und Compliance sowie niedrigere Service Desk-Kosten.

Blog

M-Tech - another interesting player in the IAM market

While M-Tech has a long customer list in northern America there are only a few customers here in Europe - even while M-Tech offers a comprehensive IAM suite. But M-Tech plans to address the European market more actively than before. They might have success if they do it the right way, with…

Blog

Novell releases Identity Manager 3.6 with role-based provisioning module

Novell has finally released its Identity Manager 3.6 with integrated role management. There are two points of view on this new feature: In comparison to the integrated role management functionalities of other provisioning solutions. In comparison to the role management products out of the…

Blog

Will there still be provisioning products three years from now?

Today, provisioning is the core element of Identity Management. Most of the products which are usually named “Identity Manager” are built around provisioning, with more or less additional features. But will that be still the case some three years from now? There are several trends which will…

Blog

IBM acquires Encentuate to boost SSO capabilities

On March 13th, IBM announced that it has acquired Encentuate, a maker of enterprise single-sign-on software, session management and strong authentication components. Enterprise single-sign-on works at the desktop session and application level, and is typically implemented as a set of modules…

Webcast

Auswahlkriterien für Provisioning-Produkte

7 Minutes audio enhanced presentation

Webcast

IAM und SOA

8 Minutes audio enhanced presentation

Blog

User Centric IAM - all a lie?

I talked to my Sensei-san, Dr. Kpatcha Bayarou of Fraunhofer SIT, recently and allthough only having a few minutes, we came to some extreme views on what User Centric IAM really was about. Power! The power to control who gets access to what of my content and information! You are reading…

Blog

Still unsolved: The relationship between IAM, SOA, and BSM

In a, may be, simplistic view on IT there are three important pillars on the IT infrastructure level. Using the - sometimes improper - buzzwords, these are Identity (and Access) Management (IAM) SOA - in fact more the technologies for business processes and flexible applications, e.g.…

Blog

Context-based Authentication

In the past few years, the approach of risk-based authentication has gained in importance, particularly in banking. The goal is to anticipate possible attacks on the basis of information gained from Fraud Detection solutions used for authentication, and – in these cases – to refrain from…

Blog

Auto-federation and the lighter side of federated identity

Now who says that federated identity can't be entertaining as well. On January 24th, Sun's Daniel Raskin, who is involved in Sun's OpenSSO project, poked a bit of fun at competitor Ping Identity by putting a short videoclip up on his blog which would help "explaining the differences" between…

How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00

Discover KuppingerCole

KuppingerCole PLUS

Get access to the whole body of KC PLUS research including Leadership Compass documents for only €800 a year

KuppingerCole Select

Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.

Latest Insights

Spotlight

AI for the Future of your Business Learn more

AI for the Future of your Business

AI for the Future of your Business: Effective, Safe, Secure & Ethical Everything we admire, love, need to survive, and that brings us further in creating a better future with a human face is and will be a result of intelligence. Synthesizing and amplifying our human intelligence have therefore the potential of leading us into a new era of prosperity like we have not seen before, if we succeed keeping AI Safe, Secure and Ethical. Since the very beginning of industrialization, and even before, we have been striving at structuring our work in a way that it becomes accessible for [...]

Blog

Blog

As You Make Your KRITIS so You Must Audit It

Organizations of major importance to the German state whose failure or disruption would result in sustained supply shortages, significant public safety disruptions, or other dramatic consequences are categorized as critical infrastructure (KRITIS). Nine sectors and 29 industries currently fall under this umbrella, including healthcare, energy, transport and financial services. Hospitals as part of the health care system are also included if they meet defined criteria. For hospitals, the [...]