Intelligent Enterprise

Better Insight for Business Decisions
Intelligent Enterprise - Better Insight for Business Decisions
search Intelligent Enterprise
Advanced Search
RSS
Webcasts
Digital Library
Subscribe
Home



September 1, 2003

Who are You?

Although system complexity is a struggle in itself, it breeds yet another challenge: security. End users should not bear the burden of complex security, especially as systems become ever more distributed. Identity management is essential, but there's more than one way to implement it.

by Tulu Tanrikorur

Continued from Page 2

IM Framework

What framework should you use to build an IM solution that's consistent with the overall security goals of your enterprise? A framework can address all the different interactions and dependencies of complementary functions important to IM (see Figure 2).

At the center of the framework in Figure 2, you will notice a consolidated repository of user accounts. Having only one central security repository for the enterprise isn't a requirement, but rather an option for implementing IM. While provisioning and SSO products will require you to choose a centralized repository solution using either a directory or database, the main goal is to reduce the number (and therefore the maintenance) of security repositories. For various security reasons (such as separating internal and external users), a more realistic assumption is that organizations will prefer to implement security with combination semicentralized repositories. Depending on the type of a request, separate security systems can authenticate and authorize users. In any case, communication among different security data stores will happen either through agents on managed systems or through secure protocols (that is, without agents).

IM products may support different types of authentication and authorization methods. It's important to ascertain whether their implementations — and administrative tools and functions — will be compatible as you develop your IM plan.

An IM framework wouldn't be complete without supporting federated identity. A prerequisite to instituting IFed among various domains of networked systems is knowledge of the trust-model interoperability among the multiple security systems in the federation and the set of standards those systems support. Some vendors influence standards. Being familiar with the leaders' technology directions and implementation approaches will smooth your progress toward building an IM strategy and integrating it with existing security infrastructures.

Getting There

While every organization has different security needs, policies, and priorities, all share some basic steps to follow in planning for a solid IM infrastructure. Here are six areas that demand focus:

  1. What are the most important problem areas? Prioritize issues such as administrative costs and productivity; ease of use; strong or moderate authentication; help-desk efficiency; and so on.
  2. Which category of IM product solutions offers the best fit for your needs? If passport management is what you need, SSO and metadirectory solutions may not be necessary. However, consider carefully whether a directory or repository approach fits with your vision, given the management advantages.
  3. Can the IM solution be cost-justified? As IM product capabilities increase, generally so do their acquisition and implementation costs.
  4. Have you shared your vision with managers of other departments and organizations within your enterprise? Implementing a provisioning solution, for example, requires greater commitment from all.
  5. Will the IM solution duplicate components that already exist in your current infrastructure?
  6. Have you properly considered how future needs will affect the product capabilities you are considering now? Will the chosen product integrate with another one later? Can your vendors satisfy future needs?



Rate This Article

Comments:

Optional e-mail address:

With heightened interest in developing a secure infrastructure that can spread information awareness throughout the enterprise, the IM product category is growing and evolving rapidly. Incremental implementation makes the most sense, within the framework of a shared vision. The greatest security and comfort to everyone is in knowing that technology choices match correctly with business needs now and in the future.


Tulu Tanrikorur [wtmtrk@yahoo.com] is vice president of Technology at Diversified Investment Advisors in New York. He has more than 15 years of experience in building and designing applications and managing enterprise architecture. His chief interests include distributed systems architecture, systems integration, and database design.

RESOURCES

"Exploring Identity Management", Paul Pannell, SANS Institute, 2002.

"Enterprise Security", David Leon Clark, Addison-Wesley Information Technology, Series, 2003.


Most Popular This Week
Nine Choices on the Road to BI Solution Centers
Business Process Management 101: The Basics of BPM and How to Choose the Right Suite
Performance Management: Link Operational Decisions to Strategy
Business Intelligence 2.0: Simpler, More Accessible, Inevitable

IE Weekly Newsletter
Subscribe to the newsletter
    Email Address







InformationWeek Business Technology Network
InformationWeekInformationWeek 500InformationWeek 500 ConferenceInformationWeek AnalyticsInformationWeek CIO
InformationWeek EventsInformationWeek ReportsInformationWeek MagazinebMightyByte and SwitchDark Reading
Digital LibraryIntelligent EnterpriseInternet EvolutionNetwork ComputingNo JitterPlug Into The Cloud
space
Techweb Events Network
InteropVoiceConWeb 2.0 ExpoWeb 2.0 SummitEnterprise 2.0 ConferenceMobile Business ExpoSoftware ConferenceCSI - Computer Security Institute
Black HatGTECEnergy CampMashup CampStartup Camp
space
Light Reading Communications Network
Light ReadingLight Reading EuropeUnstrungLight Reading's Cable Digital NewsConstantinopleInternet EvolutionPyramid Research
Heavy ReadingLight Reading Live!Light Reading InsiderEthernet ExpoOptical ExpoTeleco TVTower Technology Summit
space
Financial Technology Network
Advanced TradingBank Systems & TechnologyInsurance & TechnologyWall Street & TechnologyAccelerating Wall StreetBank Systems & Technology Executive SummitBuyside Trading SummitInsurance & Technology Executive Summit
space
Microsoft Technology Network
MSDN MagazineTechNetThe Architecture Journal
space