Identity Management Market Update
Download
Report
Transcript Identity Management Market Update
Identity Management Market Update
Prepared for Cal State Universities
Mike Neuenschwander
senior analyst
[email protected]
Monday, December 2nd 2003
www.burtongroup.com
All Contents © 2003 Burton Group. All rights reserved.
Identity Management Market Update
Executive summary
• IdM market is consolidating cross-functionally
• Vendors are refining packaging and integration issues
• Meanwhile, the need to move forward in building identity
infrastructure is urgent
• Recommended approach:
• For product acquisition, rely on vendors that will be long-term, fullservice providers of IdM or smaller vendors likely to be acquired by
an acceptable vendor
• Focus on deploying foundational, mature, and interoperable
technologies
• Wait for market convergence to solve some of the higher-level issues
or treat the deployment of such technology as purely tactical
2
Identity Management Market Update
Overlap without integration causes consternation and cost
• Around 60 vendors in IdM
Directory
Authentication
Password Management
Access Management
Provisioning Meta-directory
Appliances
Virtual Directory
3
Identity Management Market Update
Market corrections underway
• A thousand flowers have bloomed; time for the bouquet
• Lots of technology has sprung up to fill specific needs
• Vendors have little room to expand without creating further overlap
• Economic realities are driving consolidation
• Vendors looking for ways to accelerate growth, increase their share
• Typically, this means creating integrated suites of IdM products
• Vendors continually evaluating buy-vs-build evaluations
• But investors in target companies often don’t want to sell at today’s
deflated valuations
• Results in a war of attrition, slower transition than merger and
acquisitions
4
Identity Management Market Update
Hooked on suites: Vendors pursuing multi-IdM strategies
Vendor
IBM
Novell
Sun
CA
Access
ProvN
Passwd
Meta
AuthN
Microsoft
Netegrity
Oblix
RSA
Entrust
= Partner provided
5
Identity Management Market Update
6
Consolidation denouement
• Who will have a seat when the music stops?
• Platform and suite vendors will remain
• Microsoft, IBM, Novell, and Sun committed to IdM
• BEA will cover some aspects of IdM
• HP acquired part of Baltimore Technologies and will likely acquire other
IdM technology
• A few independent companies will emerge as platform-neutral IdM
companies
•
•
•
•
Netegrity a strong possibility
Entrust, RSA are candidates with security emphasis
Novell may fit here rather than as a platform vendor
Oblix – has yet to go public or produce a broad IdM product line
• Other vendors will serve niche markets or exit the IdM market
Identity Management Market Update
7
Consolidation: A technical view
• Two technical areas: operational and management
Access Management
Directory
Identity Integration
Authentication
Password Management
Access Management
Provisioning Meta-directory
Appliances
Virtual Directory
Identity Management Market Update
8
Defining access management
• Software that enables authentication, identification, and
authorization for users in the context of a security domain
• Improves manageability and accountability
• Operates a layer above the application, replacing ad-hoc,
inconsistent Web application authentication and access controls
Identity Management Market Update
9
Market overview
Vendor
Agent
Proxy
SAML
XACML
BEA
CA
Entrust
HP (Baltimore)
IBM
Netegrity
Novell
Open Network
Oblix
RSA
Sun
Liberty
Identity Management Market Update
Access management in the context of the über-architecture
• Where to put the application policy?
Web access manager
Security appliance
Web server / proxy
Application
Standards & protocols
Application server
Perimeter layer
Access layer
Control layer
Resource layer
10
Identity Management Market Update
Identity integration overview
• What is identity integration?
• Technology that links and unifies identity information across a wide
range of applications
• Identity integration is the means, not the end
• It’s the leavening that improves the success of other projects
Integrated sign-on and permissions
App 1
App 2
App 3
App 4
Common Profile
App 5
11
Identity Management Market Update
12
Four types of identity integration activities
• Account management
• Creation, deactivation, and removal
• Enforce naming policies
• Data synchronization and maintenance of identity data
• Ensure that attributes on an account are accurate and consistent with
other applications
• Enterprise directory deployments
• Permissions and access maintenance
• Group and role membership
• Rules based on identity data
• Password management and synchronization
• Definition of management vs. synchronization
Choosing a Vendor
13
Several approaches and solutions today
• Feature overlap in products can be confusing
• Causes redundant infrastructure for similar and related solutions
Activity
Account
Mgmt.
Data
Synch
Permission
Mgmt.
Password
Mgmt.
Provisioning
Virtual Dir.
Password
Product
Meta-Dir
= Strong functionality = Partial functionality = No or Little functionality