A provisioning working group gets its marching orders from the Internet Engineering Task Force and sets sites on creating a standard way to add and remove users from cloud-based services and applications.
John Fontana's blog traverses the evolving digital identity landscape and its intersection with the cloud, compliance, audit, privacy, mobile computing, API integration and security.
John Fontana is a journalist focusing in identity, privacy and security issues. Currently, he is the Identity Evangelist for cloud identity security vendor Ping Identity, where he blogs about relevant issues related to digital identity.
An Illinois woman files a class action suit against LinkedIn claiming that violation of its own privacy policies and user agreements allowed hackers to steal 6.46 million passwords.
Another password and data breach. Another mad scramble of questions and Band-Aids. It's not password configuration, policies or anything else, it's the infrastructure that needs an overhaul.
Developers are finding themselves back in the spotlight as the shifting computing landscape clamors for their skills. Recently, I stepped outside my ID world to attend the Glue Conference and see what's up.
A proposal to create a new standard for provisioning users to cloud services is making its way along the standards track and is soon to be the focus for a new IETF working group.
The software giant begins talking publicly about Windows Azure Active Directory service and plans to use it as the foundation for its Identity Management as a Service strategy.
APIs are quickly becoming the application glue for the Web with billions of calls per day making some companies billions of dollars per year, according to one keynote speaker at the annual Glue Conference.
A developer has created a password analysis tool that examines patterns to determine password strength and concludes password-creation policies are the real enemy of solid passwords.
A malicious attack aimed at Google but routed through Plaxo highlights the growing importance of API security using the forthcoming OAuth 2.0 protocol, which protects the user's credential information.
The major social networking sites have all been fined for improper use of private data; is that a trend that should be ringing alarm bells or a sideshow for the paranoid and uninitiated?