
Security Feed

Oracle Security, Compliance, and Identity Management resources, news, and support articles.

It’s about Provisioning, not provisioning

In 2010, I gave a (in retrospect somewhat optimistic) talk at the Catalyst conference in which I described a pull-based architecture for account provisioning. SAML was a central part of that architecture, especially in supporting Just-In-Time (JIT) Provisioning, which I was sure was going to be important to the evolution of enterprise cloud applications.

New Draft for Enabling OAuth2 To Be Used for Authentication

In my last blog post, I discussed the issue of OAuth2 and authentication:  Simple Authentication for OAuth 2? What is the Right Approach? As promised, I submitted a draft to the IETF for discussion in Berlin at the beginning of the month. While the working group didn't get a lot of time in the meeting to talk about the authentication issue (it wasn't formally on the charter), the submission did

Thanking the IAM Venn-erables in my own way

Just back from about 10 days out of the country, so still catching up on everything, and will return to the topics from CIS and Catalyst shortly. But in the meantime, a little bit of nonsense.

For my 10,000th tweet, I wanted to do something funny that would celebrate just how much I love Twitter. And since one of the reasons I love it so much is my tweeps in the identity community (or Identirati (or Identerati)), I sent out this tweet:

SaaS to SCIM: Show Me the Money!

I’m on my annual pilgrimage to the Gartner Catalyst conference in San Diego this week, and obviously one of the topics of interest has been standards. In his ‘Hitchhikers Guide to Identity’ talk (a blatant ripoff of mine!), Patrick talked about Standards being one of the pillars of the emerging Identiverse. And in the always entertaining ‘Identity Standards Smackdown’ that Ian Glazer moderates, SCIM and SAML tied as the “winners” (an obviously rigged result since Pam’s OpenID Connect was clearly superior).

Increase online privacy with RetroShare

In a previous article I described how to significantly increase your online privacy with the Tor service. RetroShare is another option for Internet users who are concerned with staying anonymous online. RetroShare is an application that lets you create private, secure network connections (based on 2048-bit RSA-encrypted SSL) with trusted individuals of your choice (a […]

The Hitchhikers Guide to Identity

Sounded simple enough. Join forces with Pam and Dale to put on a 3 hour workshop at the Cloud Identity Summit exploring all things identity management, each of us having a whole hour in which to dazzle the crowd. And with an awesome theme like the Hitchhikers Guide to help us keep it entertaining.

Cloud-Based IAM is Bigger, Better, Stronger than On-Prem IAM

That is the position I set out to convince people of with my talk ‘IDaaS: The Now Big Thing’ at this year’s Cloud Identity Summit. Even with the words ‘Cloud’ and ‘Identity’ in the name of the conference, and even with a fairly friendly crowd, I knew that this would be a somewhat daunting challenge.

Simple Authentication for OAuth 2? What is the Right Approach?

Over a year ago, several people, including myself, raised concerns about using OAuth (RFC6749) for authentication. By this I mean that application developers are using OAuth-enabled service providers as a way to authenticate their users (using Google, Facebook, LinkedIn, Twitter, or another major provider). They do this because they want to eliminate friction by forcing customers to create

CIS Wrapup: What Does Enabling ‘Next’ Entail?

Another Cloud Identity Summit is in the books, and it confirmed its status as one of the premier conferences for all things identity management. Andre and the Ping Identity team did a great job as always, and Napa was a great location (though connectivity did become an issue).
