1210ijasuc06 PDF
1210ijasuc06 PDF
1210ijasuc06 PDF
4, December 2010
ABSTRACT
Every person has his/her own identity. Its important to manage a digital identity in a computer network,
with high priority. In spite of different applications we use in organization, resources need to be managed
and allotted to the appropriate user with proper access rights. Identity management or IdM refers to how
humans are identified, authorized and managed across computer networks. It covers issues such as how
users are given an identity, the protection of that identity and the technologies supporting that protection.
This paper attempts to provide an analysis to various identity management systems based on the state-ofthe-art identity taxonomy factors.
KEYWORDS
Identity management, access management, digital identity, IdM taxonomies, identity management survey
1. INTRODUCTION
In the real world each and every person has his/her own identity. It is equally important to
manage the identity in computer networks with high priority. Irrespective of different
applications/platforms we use in organization, resources need to be managed and allotted to the
appropriate identity/user (i.e. Provisioning Management) with proper access rights
(Access/Policy Management). This process is called Identity Management. To achieve Identity
Management efficiently the digital identity need to be defined properly.
Identity management refers to the process of managing the identities of users in providing
privileges and access rights within a company or an organization by employing emerging
technologies. There is a need for automated application, which defines what data and
applications each user can access, to reduce the time in general. Identity management aims at
increased security and productivity reducing the costs associated with management of user
identities, attributes and their credential. Identity management uses a middleware tool that
identifies the users and manages the privileges and access rights to resources. It minimizes the
multiple user identities across various networks to a single identity that is accepted globally.
Secure identity management touches many diverse capabilities like self-service, single sign-on,
content aggregation etc.
62
International Journal of Ad hoc, Sensor & Ubiquitous Computing (IJASUC) Vol.1, No.4, December 2010
is very vast with many vendors. And almost all of them are really doing the great job (at least on
any one of the major functionality). By considering the mentioned fact we decided to depend on
IdM related research organizations, in selecting vendors and evaluation factors.
Data management
Access management
Architecture
Customer references
International Journal of Ad hoc, Sensor & Ubiquitous Computing (IJASUC) Vol.1, No.4, December 2010
Before TIM starts its activity, it must integrate some of the existing applications like clients
directory, HR applications, etc. For this task, IBM uses TDI (Tivoli Directory Integrator), a Java
application that functions as a junction of identity data, both for initial integration and as a
permanent connector when needed. TDI can be installed on Windows & Linux platform. It
helps the organization by offering a clear view of any managed resource. TDI assures the user
with all integration tasks by providing easy methods to reformat dissimilar data, such as
consistently formatting phone numbers, Social Security numbers, and birth dates, etc.
TIMs simulation feature is an advantage, which allows user to try policies like create approval
steps, assign tasks, etc, before enabling them.
Paul Venezia [11] states that, the overall navigation of the UI wasn't so clear. He further states
that when user tries to construct some action, they need to plug JavaScript code into (the small
text field available) in the UI. This provides some power, but it's also significantly more
complex and substantially less elegant than expected. Paul Venezia research describes that, the
reporting engine of TIM is vast and complex. It's possible to generate reports containing nearly
any data present in the system, but again, it's a little challenging to assemble the data in a logical
form. Crystal Reports integration is also present in TIM.
International Journal of Ad hoc, Sensor & Ubiquitous Computing (IJASUC) Vol.1, No.4, December 2010
International Journal of Ad hoc, Sensor & Ubiquitous Computing (IJASUC) Vol.1, No.4, December 2010
focus on extending IAM from a security and systems management discipline to one of
application architecture and development fuels its strategic leadership.
4. ANALYSIS OUTCOMES
This section describes the comparative study of all IdM systems discussed so for. Each and
every graph representation carries the weightage values in Y axis for the mentioned feature. Y
axis is evaluated for the values between 1 and 10. Here the lower bound starts at 1and it
represents minimum weightage. Similarly the upper bound ends at 10 and it represents
maximum weightage. The values mentioned here are calculated based on various factors and
references. And at most all such references, including marketing research analysis, customer
feedback, etc are specified at reference section. These values are calculated with reference to the
availability of data at a specific time period. So, our results may vary/conflict with other
survey/reports. But depending on those of our factors and analytical methodology, these
outcomes can give a good insight to users about various IdM systems.
66
International Journal of Ad hoc, Sensor & Ubiquitous Computing (IJASUC) Vol.1, No.4, December 2010
10
9
8
7
6
5
4
3
2
1
0
IBM
Novell
Sun
Features & Capabilities
Oracle
Customer references
12
10
10
0
IBM
Novell
Sun
Oracle
Identity management
vision
Breadth of identity
management
solutions
System integrator
(SI) partnerships
CA
67
International Journal of Ad hoc, Sensor & Ubiquitous Computing (IJASUC) Vol.1, No.4, December 2010
2
0
IBM
Novell
Sun
Oracle
CA
3. CONCLUSIONS
As the IdM market is growing day by day, this enhanced survey can be helpful for both
organization and user in attaining their requirements. This paper is an attempt to provide
standard taxonomies in the area of identity and access management. Still there are many more
taxonomies to be considered and excavate (can be our future scope). So, we are not concluding
with the best or worst any more. Identity management has successfully influenced many IT and
business industries because of its composite nature in both features and benefits. Even after
years of healthy adoption rates, the IdM market is actually just beginning its path toward broad
adoption and deep penetration.
REFERENCES
[1]
Madhan Kumar Srinivasan & Paul Rodrigues, A roadmap for the comparison of identity
management solutions based on state-of-the-art idm taxonomies, Book on Recent Trends in
Network Security and Applications, CCIS, pp. 349358, Springer 2010.
[2]
[3]
Ruth Halperin & James Backhouse, A roadmap for research on identity in the information
society, Identity in the information society journal volume 1 (1) paper no. 1, Identity Journal
Limited, Springer 2008.
[4]
Corinne S. Irwin & Dennis C. Taylor, Identity, Credential, and Access Management at NASA,
from Zachman to Attributes, ACM, 2009.
[5]
[6]
Lori Rowland and Gerry Gebel, Provisioning Market 2009: Divide and Conquer, Burton
Group Market Insight Report 2009.
[7]
Marc Chanliau, Oracle Identity Management 11g, An Oracle White Paper, February 2010.
[8]
Eric Lai, Novell to extend identity management to cloud, virtualized apps, Dec 2009.
[9]
International Journal of Ad hoc, Sensor & Ubiquitous Computing (IJASUC) Vol.1, No.4, December 2010
[10]
Andras Cser, Identity and Access Management, Forrester Research Report, 2008.
[11]
[12]
[13]
Chris Lavagnino, Delivering Identity and Access Management as an Automated Service, CA,
2009.
[14]
John Fontana, Novell, Sun, Oracle crank out identity management wares.
[15]
[16]
[17]
[18]
Deborah Volk, Oracle Identity Manager 11g, Identity Management Experts Series, Identigral,
Inc, 2009.
[19]
Sun Identity Manager 8.0 Workflows, Forms, and Views, Sun Microsystems, Inc, 2008.
[20]
[21]
[22]
Identity Management Market Forecast: 2007 to 2014, Forrester Research Report, 2008.
[23]
[24]
Deborah Volk, The rise of Suncle (volume 1), Identity Management Series, Identigral, Inc,
2009.
[25]
Deborah Volk, The rise of Suncle: Access Management, Identity Management Series,
Identigral, Inc, 2009.
[26]
Deborah Volk, The rise of Suncle: Directory Services, Identity Management Series, Identigral,
Inc, 2009.
69
International Journal of Ad hoc, Sensor & Ubiquitous Computing (IJASUC) Vol.1, No.4, December 2010
Paul Rodrigues
Paul Rodrigues is Dean IT, Hindustan University, India and CTO of WisdomTree
Software Solutions, Chennai, India. He has received his B.Tech from Karnataka
University, India & M.Tech from NIT-Allahabad, India and Ph.D from
Pondicherry University, India. He has total 20 years of Teaching and Industry
experience in Delivery Management, Software Engineering, Budget Management
and Business Development. He has published more than 50 (refereed) papers in
International Conferences/Journals which include Extreme Programming, Software
Architecture, Databases and Object Oriented Analysis and Design. Also, he was an
author of a chapter in the book Recent Trends in Network Security & Applications during July 2010
published by Springer Berlin Heidelberg publications, New York, USA. He is first in the world to apply
Vastu to Software Architecture. He has worked in various domains that include Insurance, Retail, Digital
Forensic, Content Management and Application Migrations. He is an active member of many
professional-bodies like Identity Research Group, PMP, and CISSP.
70