Commentary by Mark Wahl, CISA
Some Microsoft-led sessions on the metasystem scheduled for the 2009 RSA Conference (20090223)
On Tuesday April 21st, Kim Cameron will introduce Using Claims to Simplify and Secure User Access to Applications and Services (STAR-106 - Intermediate):
Security demands on applications continue to grow. Today's isolated application access silos create challenges for developers and IT to solve these issues. The advent of cloud-based and SOA software is likely to amplify these challenges. Learn how to use the interoperable claims architecture based on the Identity Metasystem vision to simplify user access to applications and services.
Later that afternoon I'll cover Building Authorization Into The Enterprise Identity Metasystem (ESS-108 - Advanced):
The emerging claims-based identity metasystem enables enterprises to leverage an identity service for providing authentication controls on access to internal and external websites and services. This talk discusses the next stage, incorporating distributed authorization controls, so that authorization to these resources can be provisioned based on roles and entitlements.
On Wednesday, JG Chirapurath talks about The Risks and Rewards of Security, Identity and Access Integration (SPO-202 - Intermediate):
Driven by customer needs, the security industry is evolving into a new phase of development: the convergence and integration of IT security, access, and management around an identity-centric framework. This session will explore the trends driving convergence, outline a vision for identity-centric security and access, discuss the trade-offs, and provide real-world implementation examples.