Friday, November 16, 2007

Roles play a prominent role in identity management this week

Back in September Oracle announced that it had acquired privately-held Enterprise Role Management (ERM) player Bridgestream, continuing its "identity management-through-acquisition" strategy. With many eyes focused on the company's Oracle Open World shindig this week, Sun also entered the fray with its plans to acquire another leading independent ERM vendor: Vaau. Role-based access control (RBAC) is hardly new: the US National Institute of Standards and Technology (NIST) initiated standardisation efforts back in 2000 and an ANSI/INCITS standard (359-2004 if you're that way inclined) was published in 2004. So why all this acquisition activity?

As with many things identity management, it's primarily driven by compliance, with a small helping of increased operational efficiency and cost reduction. As well as promising to streamline the provisioning and de-provisioning of entitlements, roles can help organisations to define, enforce and demonstrate those entitlements to address regulatory compliance demands.

The realisation of that potential, however, has proved elusive. Organisations have struggled to identify (!) the roles that they need, and inconsistent management approaches have often resulted in an explosion of roles to the point where there are as many roles as users. The likes of Bridgestream, Eurekify and Vaau, whose offerings provide role discovery, analysis, allocation and provisioning, emerged specifically to address these challenges, creating the identity management sub-market of ERM along the way.

With compliance top-of-mind for many of their customers and prospects, the major identity management suite vendors, who were unable to respond as rapidly as the nimble ERM start-ups, quickly established partnerships and, in some cases, moved beyond the press release to actually provide pre-built integration. Sun, for example, provides bi-directional data integration with Vaau (which should help to speed up the integration process). With two of the leading ERM players now with competitors, this leaves the likes of CA and IBM in an interesting position. Their partnership teams no doubt have their eyes (and potentially their wallets) pointing in the direction of Israel, where Eurekify is based.

Some of you may wonder why I didn't include Novell in this list. Had I been writing this post straight after the Sun announcement it would have been. But not long after the announcement I came across this post from an identity management group blog at Novell, which discusses how the company has been building its own role management capabilities, focused on role provisioning, exploiting its directory heritage (discussed in more detail in our assessment here) and partnership with Eurekify for role discovery and analysis. The post's author claims no knowledge of acquisition talks. Then lo and behold, and far be it from me to suggest that Sun's announcement had anything to do with the timing, the next day Novell announced its new Roles Based Provisioning Module.

Of course, a Eurekify acquisition by Novell could still be on the cards, despite the blogger's ignorance of any such discussions, but it seems to me based on Novell's stated strategy that the Israeli company is more likely to end up in the arms of CA or IBM.

The implications for customers are varied. Bridgestream and Vaau customers who have plumped for a vendor other than Oracle or Sun should be a little nervous and should seek concrete assurances regarding ongoing support. Customers of the likes of CA, IBM and Novell who are considering ERM will have to think very carefully before plumping for Bridgestream or Vaau, for similar reasons.
