Dave Birch: The focus on biometrics in the mass market Well, it's no surprise that following the launch of the new iPhone 5s with it's new "Touch ID" fingerprint sensor that the combination of the mobile phone and biometrics is a focus for discussion in our little corner of the secure electronic transactions world. As was widely anticipated following their $300m purchase of the fingerprint sensor manufacturer Authentec, Apple have added a sensor to the home button of the new iPhones so that users can authenticate themselves using, well, themselves.
Dave Kearns: I ♥ Biometrics If you've followed my writings for very long, you know I'm a strong believer in biometric authentication. (See, for example, this Network World column from over a dozen years ago) Why? Well, for one reason, unlike a password or a hardware token, you can't misplace or lose a biometric (fingerprint, facial scan, keyboard dynamics, etc.) - it's always with you. Now, there's another biometric system for you to look at.
Steve Tout: Doesn't Anybody Use IdM Standards Anymore? When I am not at work thinking about solving tough issues in Cloud & Enterprise Identity & Access management, I have music on my brain. Music has a way of calming frayed nerves...yet it also has a way of inspiring moments of pure genius. This is one of those times for me. Or maybe not - you be the judge.
Michael Schwartz: Auction for "Internet Graph" Painting by Jean Pierre Verdijo to Commemorate CrowdTilt Success ! Even before the Rosetta Stone announced the coronation of King Ptolemy V, art has announced and commemorated great historical events. Perhaps the success of a crowdfunding effort for OAuth2 Apache plugins is not as noteworthy as the establishment of a divine cult for a new ruler. But for geeks in two-thousand years, who knows... maybe it will be a pivotal event! With that somewhat ridiculous idea in mind, I asked Jean Pierre Verdijo, an Austin painter, to work on a commemorative art series that would provide an update to the 2011 Artista Family Tree painting (see below): (1) one for Gluu (2) one for Falcon Systems Consulting of Japan, who was the largest sponsor of the crowdfunding, and (3) one for auction to the community.
Bjorn Aannestad, UnboundID: SCIMming Along It's been 13 months since the SCIM 1.1 standard was published at IETF.org. Interest and adoption have grown in the vendor community and with our customers ever since. Ping's Technical Director in the Office of the CTO, Mark Diodati, is hosting a webinar this week on SCIM, and there are great recent additions to the list of vendors who have SCIM implementations on offer. And while wide adoption of SCIM is always something we encourage, it was gratifying during a recent interoperability test to find out that UnboundID still has the "most complete implementation" - just as an aside.
Anil Lohn: How To Enroll a User, Even When There are No Shared Identifiers My last two blog posts covered various approaches to relying party user enrollment within the context of public sector online services that need higher assurances of identity. The key item that made this possible was a shared piece of information between the person and the RP. This blog post looks at options to consider when such information does not exist or cannot be used due to policies or laws.
Tim Bray, Google: FC6: Who Are You? This is part of the Federation Conversation, where commenter Jashan worried, reasonably enough: "Users tend to forget which of the gazillion available services they have registered at your site with. And then they're too lazy to try all the possibilities. And then they're gone." Ouch!
Ranjeet Vidwans, Identropy: Cloud SSO vs. Cloud IDM - There's a Glitch in the Matrix Many of us who have been in the IAM industry for a long time have lived through an incredible evolution of the drivers for Identity Management. The business drivers back then were a combination of productivity and security. Lots of companies emerged to address this market. Just at Identropy, we have representation from three vendor camps of that era - Oblix (Frank and Tom), Securant (Aldo), and enCommerce (your humble servant).
Vittorio Bertocci, Microsoft: Active Directory Authentication Library (ADAL) v1 for .NET - General Availability! Through the year we produced a lot of material on ADAL, but between name changes (it started its existence as Windows Azure Authentication Library - AAL) and features set variations it might not be super easy for you to get a good idea of what the product does. The good news is that the MSDN documentation for ADAL is on its way. Also, I am going to take this chance to pretend that I never wrote anything about ADAL and use this post to (re)introduce the library to you, so that you can be confident that what you are reading is up to date for the RTM version.
Ronnie Mitra, Layer 7: Nordic APIs On the other side of the ocean and closer to home for me is next week's Nordic APIs conference in Stockholm (September 18-19). I've been to a few of the smaller API design conferences that the Nordic APIs team has put on and I can say without a doubt that this will be a conference worth attending. They've always done a great job of putting together sessions that will appeal to developers on the leading edge of API design as well as those who are looking for practical solutions.
Bradford Stephens: Calling all developers to meet-up, drink-up This week with Apigee, I'm helping launch a global program to connect with like-minded enterprise developers from around the world; share a cold drink with them; swap stories about apps, APIs and data; and give one lucky participant a trip to San Francisco. We're calling this The Enterprise Hackers Social Club because it's dedicated to the people making it happen at big companies. We're kick starting the program with "drink-up" events in Berlin, Amsterdam and London from Sept. 24-26.
Phil Windley: My Dryer: A SquareTag Case Study But more importantly, once we start identifying bits of information as being about a particular product (e.g. by model number), it's easier to structure and collate. The timeline on my dryer starts to look like a little blog for my dryer. Granted, there's not much there, but what is there might interest someone else who needs to fix the door latch. Creating communities around common products - whether with my friends or a wide audience - is easy.
Launch of The Legal Forum at ID Commons The Forum on Law of Identity and Personal Data (aka "Legal Forum" or "ID-Legal") was chartered by unanimous vote of the ID Commons, Inc. Stewards in July 2013 following the re-initialization of ID Common's legal working group at the Spring 2013 IIW in Mountain View, CA.
William Heath, Mydex: Personal Data in Health and the Role of the Individual History tells us that large centralised IT systems such as the NHS's National Programme for IT are an expensive and dysfunctional way to deliver modern public services. Contemporary computer science tells us rapid proliferation of population-scale datasets and unimaginably powerful new search tools makes the promise of anonymisation harder to sustain
What Does it Mean to Embrace the NSTIC Guiding Principles? As the IDESG Trust Framework Trustmark (TFTM) Committee continues to consider various approaches to support a trustmark scheme for the Identity Ecosystem - and other IDESG committees such as standards, security, and privacy contemplate the appropriate requirements - committee members have continued to urge that, regardless of the particular approach taken, any IDESG scheme should embrace the four NSTIC guiding principles.
Identity Woman: Interesting events in 2013 This is a calendar of events that I know in 2013 (and beyond). I think they're interesting, I'm currently planning on attending all the events in BLACK, I'm helping co-organize all the events with RED headlines. Some events will change from interesting to attending as they approach.
pii2013 The 4th annual Privacy Identity Innovation conference, pii2013, will conclude today at the Bell Harbor International Conference Center in downtown Seattle. (#pii2013 on Twitter)
Digital Enlightenment Forum 2013 The 2013 edition of the annual event of the Digital Enlightenment Forum (DEF) will take place Sept. 18-20, 2013 at the Crowne Plaza Hotel in Brussels on the theme "Personal data and citizenship in the digital society." The event includes a "Digital Futures Workshop" on the theme "The future of personal data and citizenship", co-hosted by the Digital Enlightenment Forum and the Digital Futures Task Force of European Commission's DG CONNECT.
12th Annual Smart Card Alliance Government Conference Washington, DC; October 14 - 16, 2013 | 8:30 AM - 5:00 PM The 12th Annual Smart Card Alliance Government Conference will survey opportunities and challenges for government issuers, accreditation and testing authorities, procurement programs, and the industry to meet the government's market demands.
User-Centric ID Live Opportunities for relying parties in NSTIC and the new identity ecosystem October 15-16, 2013 - Washington Convention Center, Washington, D.C.
eID & ePass 5th edition National eID & ePassport Conference - the Global Forum on the drivers behind the digitalization of citizen ID documents proudly announce the 5th edition in BERLIN 2013, 28th & 29th of October @Intercontinental Berlin.
InCommon Advance CAMP: Identity Services Summit November 12-13, 2013 San Jose, CA. https://spaces.internet2.edu/display/ACAMP2013/Home Part of the 2013 Identity Week (www.incommon.org/idweek) Join leading identity architects and developers from U.S. research and higher education and international and commercial identerati at Advance CAMP: Identity Services Summit. Explore the state of the art in identity services and discuss the leading edge work that's taking us there. Join us and get involved!
InCommon: CAMP Cloud: Identity and Access in an Era of Outsourced Services November 14-15, 2013 - San Jose, CA. Part of the 2013 Identity Week (www.incommon.org/idweek) Are your campus stakeholders looking at cloud-based solutions? Are you experiencing challenges or do you have concerns with outsourcing email, storage, or other essential services? Are you concerned about the management and maintenance of an accurate, accountable identity inventory? Come to "CAMP Cloud: Identity and Access in an Era of Outsourced Services" and learn about solutions being discussed and implemented across higher education.
KuppingerCole Information Risk & Security Summit 2014 Nov 27-28, 2013, Frankfurt, Germany The Information Risk & Security Summit Frankfurt 2014, taking place on November 27 - 28, 2013 at the Frankfurter Innovationszentrum FIZ Conference Lab, Frankfurt/Germany, offers an unseen combination of thought leadership and interactive session formats, tackling the most demanding questions IT professionals are confronted with: How to support the extended & connected enterprise with brilliant services without taking too many big risks.