Interesting interview of Terry Sigle - Sun Microsystems' Linux and ID management guru - on Sun and Linux Identity Management.
Terry states that the reason that ID management is so important in the Linux space is "because it has the highest adoption rate of them all". I don't discount that but frankly I see Linux as Windows NT. Anyone can put one up. You don't need corporate approval. And as the box becomes mission critical to the business unit, group or corporation over time you end up with yet another "island of identity" that needs to be integrated.
Interestingly enough Terry mentions Active Directory in his response to a few of the interviewers questions about application provisioning and provisioning generally. Unfortunately, the way forward from his perspective is the use of standards like OpenSSO, SAML, Lasso, etc.
My question is: When will legacy applications like SAP, Siebel, Oracle, etc. etc. incorporate these standards? When will mainframes and mid-range systems integrate with these standards?
Why are we all talking about the standards and not getting our legacy apps integrated or pushing those vendors to integrate? I can assure you that we (Quest) are not going to throw out our CRM system for one that supports any standard - we've invested far too much money to do that. Far too much.
identity management, federation, SAML, WS-*
Stolen Credentials Are An IT Security Epidemic
4 hours ago