Like Google, Salesforce, Microsoft and others, we spend a lot of time at Ping thinking about how to scale up identities and identity federation to very large numbers. Hans Zandbelt from our Office of the CTO is the lead on pulling this all together:

  • Hans Zandbelt: Federation at Scale
    “Over the last decade federated identity has been widely adopted by many enterprise businesses to realize secure Single SignOn (SSO) to a large variety of applications. Nowadays, federated SSO technology is commonly applied between the enterprise and its Software-as-a-Service (SaaS) and BPO providers, suppliers, trading partners, etc. and to cloud applications in general. While organizations gain significant business value from identity federation, they still face major hurdles as they look to scale...These hurdles include both business and technology barriers and the burden increases when there is a requirement to deal with multiple identity federation protocols such as SAML 2.0, WS-Federation and OpenID Connect.”

There were a number of other items of interest to the identity community:


  • Bob Sullivan: Your employer may share your salary, and Equifax might sell that data
    “The Equifax credit reporting agency, with the aid of thousands of human resource departments around the country, has assembled what may be the most powerful and thorough private database of Americans’ personal information ever created, containing 190 million employment and salary records covering more than one-third of U.S. adults.”
    [I was delighted to learn that my employer would never participate in something like this!]
  • Mike Jones: An update on our war against account hijackers
    “I recommend reading Google’s post "An update on our war against account hijackers." It describes the kinds of measures taken by professionally-run Identity Providers to defend against account takeover. A message not stated but implied is that consumers and Web sites are far better off depending upon identities provided by organizations with the resources and dedication to successfully fight takeover attempts. Sites with their own username/password login systems without these defenses are vulnerable, and would be better off using federated identities from professionally-run Identity Providers.
    [Google: An update on our war against account hijackers]
  • Loren Russon: Security Threats and the Identity Perimeter
    “It's great to have a CTO office full of experts to help make my job - and yours - easier. Last week, the Ping Identity CTO team (John Bradley, Pamela Dingle, Mark Diodati, Paul Madsen and Hans Zandbelt) held a Webinar about looming identity-related security threats for 2013. (Patrick was away on special assignment).”
  • Steve Ranger: On the internet, now everybody knows you're not a dog
    “Internet anonymity is being eroded by desires to streamline online transactions and the demands of web businesses to know more about us. But is this new world, where everybody knows your name, really a good thing?”
  • Lauren Horaist: Risk-Based Authentication: What’s Context Got to Do With It?
    “In the dynamic world in which we live, context is everything. This holds true in the online world, too. In our everyday lives, we constantly make decisions based on contextual data and potential consequences. Why shouldn’t our security technologies make decisions in similar, intelligent ways?”
  • Gadi Ben-Yehuda: Who Are You? Four Trends in Identity Management
    “So far in this series, I’ve written about mobile technology, connected sensors, 3D Printing (which I called Products-on-Demand or PonD), and Advanced Sharing. Each of these is important, but the capstone, what will act as a force-multiplier for each, is a better understanding of and method for identity management.”
  • Stephen Wilson: An algebra of identity
    “For more precision, maybe it would be useful to get into the habit of specifying the context whenever we talk of a Digital Identity. So here's a bit of mathematical nomenclature. It's not strenuous!”
  • Mark Dixon: Big Data is Watching You
    “Nishant Kaushik’s tweet today prompted some paranoid thoughts about the use of big data analytics.”
  • Symplified Releases New Research on Identity-as-a-Service
    “Security is Top Reason for Adopting IAM and SSO as Application and Identity Management Increases, Yet Data Exposure and Compliance Issues are Pervasive”
  • Dale Olds: If you must have a password…
    “… make it easy to remember and hard to guess.”
  • John Fontana: It takes a village to kill a password
    “Do end-users, online services, email providers and other invested parties have a collective conscience that can build a better credential and make the Web a safer place?”
  • John Fontana: Passwords, start from the hack and work back
    “When end-users build a password they should ditch their own cleverness, pets, siblings, enemies, spouses, birthdates and instead check their creation against a password-cracking dictionary.”
  • Chris Hoff: Intel TPM: The Root Of Trust…Is Made In China
    “This is deliciously ironic. Intel‘s implementation of the TCG-driven TPM — the Trusted Platform Module — often described as a hardware root of trust, is essentially a cryptographic processor that allows for the storage (and retrieval) and attestation of keys.  There are all sorts of uses for this technology, including things I’ve written of and spoken about many times prior. “
  • Rachael Botsman: Welcome to the new reputation economy
    [I came across this Wired article from last August.  It is a print version of her famous TEDTalk with some additional information and links.]
  • Sean Deuby: A New Approach to Identity Management
    “With the advent of cloud-based identity management as a service (IDaaS) offerings, there are more ways to get these answers from both on-premises applications and the cloud services your users subscribe to. These solutions allow you to rearrange the puzzle pieces of identity management into different configurations to provide varying types of functionality. This month, I’d like to look at where different types of solutions fit into your existing identity management architecture, and examine the emerging puzzle called “from the cloud.” Collectively, Gartner has christened these solutions as identity bridges because they bridge your on-premises identity systems with cloud systems. I wrote about this topic in more detail in “Building Your Identity Bridge to the Cloud.””
  • Adrian Lane: Understanding Cloud IAM: Implementation Roadmap
    “The last post described three common use cases for Cloud IAM: Single Sign On, Provisioning, and Attribute Exchange. The good news is that the process of creating a deployment roadmap is largely the same, regardless of which use case you choose. But every customer’s environment and priorities are different, so delivering on these use cases requires a slightly different implementation and project plan for every customer.”
  • Mark Dixon: Graph Databases
    “That shows my ignorance of emerging database technology. After posting that comment and sheepishly realizing Ian probably knew what he was talking about, I googled “Graph Database” and came up with some interesting hits. While it appears that graph databases are still in a fairly early stages, at least for commercialized products, this technology appears to be well ensconced in the Googles, Facebooks and Twitters of the world.”


  • The Second Personal Cloud Meetup
    “The first Personal Cloud Meetup in San Francisco last month was so successful that the second one is upon us already. Hosted by Orange Silicon Valley, it’s [February 26] from 6-9PM at their offices at 60 Spear Street between Mission and Market in downtown SF.”
  • Non-Profits on the Loose @ RSA
    “February 26th from 5-8pm @ Minna Gallery, come join Kantara and our partners at the “Non-Profits On the Loose” RSA hospitality night using your RSA badge or the invite below. Rub elbows and break bread with some of the coolest non-profit leaders in the cybersecurity and Identity Management spaces.”
  • Kantara Initiative to Appear at HIMSS13
    “New Orleans welcomes the 2013 HIMSS Annual Conference and Exhibition, March 3-7, 2013, at the Ernest N. Morial Convention Center. More than 36,000 healthcare industry professionals are expected to attend to discuss health information technology issues and review innovative solutions designed to transform healthcare.”
  • Google Recognizes International Women's Day in Boulder
    “Google Events Team
    Wednesday, March 6, 2013 from 6:00 PM to 9:00 PM (MST)
    Boulder, CO
    Google is excited to partner with the Society of Women Engineers (SWE) and the National Center for Women & Information Technology (NCWIT) in honor of International Women's Day, a celebration of women's economic, political, and social achievements. This is a special day for Google because of the incredible contributions women have made to technology -- from Ada Lovelace to Anita Borg.”
  • SX GoLab Identity Biergarten
    Saturday, March 9, 2013 from 5:00 PM to 8:30 PM (PST), Austin, TX
    Insiders know that some of the most exciting and important events that take place in Austin, Texas, during this time of year are the ones that take place on the fringe of the marquee interactive festival that is happening in the middle of downtown Austin March 8 – 12. South by GoLab is THE event for technology-focused companies and the businesses that serve them. Think of South by GoLab as the off-Broadway show that generates as much or more excitement than the Broadway show.”
  • Cloud Identity Meetup
    “Gluu, Monday, March 11, 2013 from 12:30 PM to 1:30 PM (PDT), Austin, TX
    Join Gluu CEO & Founder Mike Schwartz for an official SXSW meetup and discussion on current Internet standards for identity from the IETF and other relevant organizations, including OAuth2 and OpenID Connect.”
  • 5th Federated identity management for research communities (FIM4R) Meeting
    “Villigen (Switzerland), 20-21 March 2013
    This workshop in the fifth in a series that started in summer 2011 to investigate Federated Identity Management for Research (FIM4R) collaborations.”
  • First eID-Network Conference
    “Brussels, 20 March 2013
    The first eID-Network Conference will be held on March 20th 2013 in the Egmont Palace in Brussels, in close cooperation with the annual EPCA Payment Summit. The eID network conference focuses on eID in relation to online services toward persons, businesses and governments. We believe eID and related concepts are crucial for advancing e-business transactions, therefore we refer to this as ‘transactional eID’.”
  • IDESG Online Meeting
    “Fri, March 22, 2013 2:00 PM - 5:00 PM EDT”
  • Dan Whaley: I Annotate: A Workshop
    “After two decades of progress in infrastructure and web technologies, we believe the time is finally at hand to realize the widespread annotation of human knowledge. On a recent call a suggestion was made to bring together people building annotation solutions with those that ultimately will use them. The obvious sensibility of that idea led a number of us to approach the Andrew W. Mellon Foundation for funding for a workshop, which they approved several weeks ago. We’re calling it I Annotate, and it will be April 10-12, here in San Francisco, at the Fort Mason Center.”
  • Internet Identity Workshop XVI #16 - 2013A
    “Phil Windley, Kaliya Hamlin, & Doc Searls
    Tuesday, May 7, 2013 at 8:00 AM - Thursday, May 9, 2013 at 4:00 PM (PDT)
    Mountain View, CA.
  • European Identity & Cloud Conference 2013
    “May 14 – 17, 2013 at the Dolce Ballhaus Forum Unterschleissheim, Munich/Germany,”
  • Call For Papers – Open Identity Summit 2013
    “September 10th – 11th 2013, Kloster Banz, Germany
    Deadline for electronic submissions: May 15th, 2013
    The aim of Open Identity Summit 2013 is to link practical experiences and requirements with academic innovations. Focus areas will be Research and Applications in the area of Identity Management and Open Source with a special focus on Cloud Computing.”


  • Drummond Reed: Book as API: A Perfect Job for XDI
    “When we first started working on XDI at OASIS in 2004, the goal was a standard format and protocol for data sharing. We were thinking mostly about the data that was already in databases and other conventional data sources. But now that “everything is turning into data”, the problem space to which XDI applies keeps growing wider. My latest favorite example is the Book as API post from Alistair Croll’s Solve for Interesting blog. It’s about a talk he and Hugh McGuire gave at O’Reilly’s Tools Of Change conference about the future of the book. It describes how havng an API can unlock the value of the intellectual energy in every book the same way a user interface unlocks the power of a software program.”
  • Craig Burton: How to Make an API
    “Making an API is hard. It is also a tough question. A small company out of England has figured out how to let anyone make an API with just: Dropbox; A Spreadsheet; A Datownia SaaS account”

Cloud Computing

  • Holger Reinhardt: The Internet of (Interesting) Things
    “Right now, a lot of companies are gearing up for Mobile World Congress – and Layer 7 is no exception. I’m attending MWC and I’ll be interested to see how the Internet of Things (IoT) and M2M play out at the conference. IoT has been getting a lot of attention recently, so – in preparation for MWC – let’s take a look at some of the most interesting things that have been said and done in the last couple of months.”
  • John Chambers: The Possibilities of The Internet of Everything Economy #IoE
    “In an effort to better understand the extent of the opportunity for our customers presented by increasing connectedness, Cisco has conducted analysis on the potential economic impact of the Internet of Everything, the findings of which we’re releasing today. Our analysis indicates that there is as much as $14.4 trillion of potential economic “value at stake” for global private-sector businesses over the next decade, as a result of the emergence of the Internet of Everything.”
  • Scott Morrison: Cisco & the Internet of Everything
    “John Chambers, CEO of Cisco, just published a good blog entry about the potential for change caused by universal connectivity – not just of our mobile gadgets but of pretty much everything. Recently, much has been said about the so-called “Internet of Things” (IoT), of which Cisco is expanding the scope, going so far as to make a bold estimate that 99.4% of objects still remain unconnected. This, of course, is great fodder for late-night talk show hosts. I’ll leave this softball to them and focus instead on some of the more interesting points in Chambers’ post and the accompanying white paper.”
  • Phil Windley: Writing a SquareTag Application
    “Anyone can write a SquareTag application. Jessie Morris has written two simple tutorials for the beginning SquareTag programmer:”
  • Drummond Reed: The Real Killer App for Personal Clouds
    “I’ve been working for several years now on building infrastructure for personal clouds (that’s the entire goal of the Respect Network based on the Respect Trust Framework). I’ve helped design, discuss, and debate dozens of powerful new apps for personal clouds (see several that were shown at the SWIFT Digital Asset Grid session in Osaka last October). During that time, I can’t count how often I’ve been asked: what will be the killer app for personal clouds?”


  • Ross Garrett: Journey to the Center of the Mobile World
    “Mobile World Congress – three words that strike fear into the hearts of marketing managers everywhere, for this is the largest mobile event of the year and we’re just a few days away from seeing 70,000 visitors descend upon Barcelona like a kettle of vultures, hungry for new innovations. This year, they will be treated to new hunting ground too, as MWC moves to a new, larger venue with more room for fresh meat. Before that metaphor gets completely worn out, let’s take a look at what we can actually expect from this year’s show.”

Valuable Identity

  • Dave Birch: Don’t bank on identity
    “More than one correspondent has asked me why no banks are on the initial list of approved identity providers (IDPs) for the British government identity assurance (IDA) framework. I belong to the IDA working group on privacy and security and, as you might imagine, Consult Hyperion has provided (and is providing) paid professional services to a number of organisations in the private and public sectors who are developing identity-based products and services. So I think I have a reasonable and well-informed perspective. Unfortunately, it also means that I have to be very careful about what I say, as you might also imagine. But speaking generally, and without reference to any specific clients or projects, I'd say there are three main reasons:”


* Required Fields