Ajouter aux favoris   Ajouter cette page à mon bookmark --- SOCIAL BOOKMARKING --- Digg Furl del.icio.us Netscape

Introduction
Identity and Access Management (I&AM) is supported by a range of widely used and reasonably mature protection technologies, that when deployed correctly, enable organisations to operate efficiently in today’s competitive and often difficult trading environments. The efficient management of identity and associated access control issues needs to be of pressing concern for all security-conscious organisations, irrespective of their size or business focus.

This report looks at how I&AM protection technology can be utilised to support the operational need of the business and its users. Business success and the efficiency with which successful organisations drive the delivery of their operational services is empowered by the availability of information – providing the right information to the right people at the right time – but the most significant challenge that all organisations face today is one of maintaining control. There is a need to build trusted environments where the identity of each user can be proved before access rights are granted. These must be environments where customers and citizens can gain on-request access to personal and account information, without running the risk of falling prey to identity theft; where employees are able to gain unencumbered access to corporate networks, systems, and applications, irrespective of where their chosen place of work happens to be; and where business partners and suppliers can be provided with certified access channels to collaborative information sources.

Today we have a situation where business needs to improve and more effectively control the way that it manages and protects its information. From a technical stand-point most of the information that needs to be protected is collected, stored, and made available electronically from within public and private sector computer systems. A vast amount of this information is openly available on demand, but other more sensitive corporate information, whilst still available to the right requestors, requires more qualified access and protection rules. In the main, it is this second type of information that must have adequate security and authentication rules and policies applied each time information users demand access.

Therefore, without the ability to streamline, manage, and control identity, organisations leave themselves extremely vulnerable to a wide range of internal and external threats. Good quality Identity and Access Management (I&AM) acts as a corporate policeman, it determines rights of passage, directs the traffic flow by enabling authorised users to get access to business information, but essentially it provides all the locks and keys to corporate systems and networks. Our view is that the role of I&AM in support of the business and its users is to effect a balance between systems and information protection and the operational needs of the organisation. The locks need to be secure enough to make unauthorised access difficult to achieve, but at the same time the keys must allow smooth and easy access when authorised entrants come calling.

Each individual organisation will have its own specific identity-based protection requirements, and in addition, across specific business sectors there will be a number of common systems and information protection issues. However, I&AM provides a number of core technology components which for the purposes of this report are detailed below:

Identity Management: Controls the use of directory (LDAP) and meta-directory management facilities.
Authentication Technologies: Provides support for single- and multi-factor authentication.
Password Management and Systems Synchronisation: Is used to control the frequency, content, and structure of passwords, and to provide self-service capabilities.
SSO: Delivers one of the key integration layers of I&AM.
Access Control: Web and enterprise access control is a key component of enterprise I&AM.
Provisioning and De-provisioning: Provides the capability to deliver role-based provisioning, individual provisioning, group and departmental provisioning, and appropriate de-provisioning capabilities.
Administration and Policy Management: Delivers federated and delegated administration facilities, linking through to policy- and regulatory compliance-based requirements.
Performance and Scalability: I&AM has to be driven by a delivery model that is capable of providing service irrespective of traffic flow volumes.

Section1: Management Summary
1.1. Management Summary

Section 2: Business Issues
2.1. Report Objectives and Structure
2.2. Safeguarding and Enabling Business Systems
2.3. Dealing with the Management of Identity
2.4. Examining Vertical Business Issues – I&AM Business Requirements
2.5. Operational Case Studies

Section 3: Technology Issues
3.1. Identity Management Technology
3.2. Authentication Technologies
3.3. Password Management and Systems Synchronisation
3.4. Single Sign-On
3.5. Access Control
3.6. Provisioning and De-provisioning
3.7. Administration and Policy Management
3.8. Standards Bodies and Standards in Practice

Section 4: Architectures and Models
4.1. Building an Effective I&AM Strategy
4.2. Architecture – The Butler Group Model for I&AM
4.3. Deployment – Delivering a Successful I&AM Strategy

Section 5: Market Issues
5.1. Market Analysis
5.2. Market Drivers
5.3. Market Direction

Section 6: Tables
6.1. Butler Group Identity and Access Management Features Matrix
6.2. Butler Group Identity and Access Management Product Capability Diagrams
6.3. Butler Group Identity and Access Management Market Lifecycle Ratings

Section 7: Vendor Comparisons
7.1. Product Comparisons
7.2. Comparison of Vendor Strategies

Section 8: Technology Audits
Avatier Corporation - Avatier Identity Management Suite 7.0
BMC - BMC Identity Management
Bull Evidian - AccessMaster version 7.0.1
CA - Identity and Access Management Suite
Encentuate - Encentuate TCI version 3.0
Entrust - Entrust IdentityGuard and GetAccess
Hewlett-Packard - OpenView Identity Management Suite
IBM - Identity Management
Microsoft - Identity and Access Architecture
Novell - Novell solutions for Security & Identity
Oracle - Identity and Access Management Suite Release 10gR3
Passlogix - v-GO Single Sign-On Platform Version 5.04
RSA Security - Identity and Access Management Suite
Sun Microsystems - Identity and Access Management

Section 9: Vendor Profiles
ActivIdentity
Aladdin Knowledge Systems
Cisco Systems, Inc.
Citrix Systems, Inc.
Courion
CRYPTOMAThIC Ltd.
Cyber-Ark
Cybertrust
Entegrity
GeoTrust
Imprivata
Juniper Networks
LogicaCMG
M-Tech
Nexus
Open Systems Management (OSM)
Ping Identity
Pointsec
PortWise
SafeNet
Secure Computing
Siemens
VeriSign

Section 10: Glossary