Microsoft IDAM Strategy
Submitted by gmahoney on Tue, 2007-02-20 21:22.
The following is a summary of a Microsoft webcast:
Optimize Your Identity and Access Management Infrastructure
October 12, 2006
Sandy Sharma, Vice President of Technology and Strategy, INS
Microsoft is focused on five identity management solution areas:
1. directory services
- Tech/Product: ActiveDirectory
- support for multi-authentication tech; e.g. pki, multi-factor
- SSO, particularly within office environment
- PEP and auditing
- federation; app with enterprise and interaction with partners
- overall mgmt of users and credentials mged through AD
- foundation for workflow integration?
- visual studio part of integrated environment
2. identity lifecycle management
- Tech/Product: MIIS
- workflow automation; both IDM-specific (provisioning), and more general approvals
- dynamic environment of employees, contractors, and partners
3. access management
- Tech/Product: AD Federation Services (ADFS) (formerly Trust-Bridge), released with WinServer 2003 R2
- primarily federated access between trusted domains; focus on external users (e.g. trading partners)
- Kerberos tokens
4. information protection
- Tech/Products: Sharepoint, InfoPath, Vista
- identity is a root issue for document access control
- legal/regulatory compliance, unintentional leakage (e.g. internalmemos.com)
- 80% of business data is on personal machines
5. strong authentication
- Tech/Product: Certificate Lifecycle Manager (CLM)
- smart card/multi-factor is growing pervasive
» gmahoney's blog | login to post comments