I never liked asking for permission to do things when I was growing up. Especially when I was asking permission for something that probably wasn’t a great idea-like asking to sleep over at my friend’s house with the (undisclosed) intent of staying up all night and roaming around town after midnight. Being the typical teenager, I wanted to control what I did or didn’t do. I certainly didn’t want someone else-especially my parents-limiting my options or telling me that I couldn’t do something.
Since then, I’ve outgrown the need to stay up all night with friends and other similar acts of teenage rebellion. I’ve also come to appreciate the value of permission and the need for control that exists, not just in our personal lives, but also in business. In fact, the issue of permission-where someone (or something) can or can’t do something (or have access to something) is an important part of business applications and IT infrastructure strategy. It’s also a key component in an organization’s identity management strategy and control over whether or not individual users have access (or are prohibited from) applications, servers, databases, or other IT resources.
The idea of identity management has been around for a long time, and it’s consistently a top issue on surveys of CIO’s concerns. If you’re a CIO, knowing who’s accessing what-especially in these increasingly security conscious times-is taking on a new urgency and level of importance. Identity management solutions typically refer to processes and software that streamline the management of an individual’s identification and access to different applications or systems. Single sign-on technologies are one example of identity management solutions. Using single sign-on solutions, a user can log into their corporate portal or application once and then, automatically, be logged into (or have access) to the other appropriate applications and resources. No more having to remember multiple passwords for each different account and application, which is certainly a good thing.
But I believe that there’s a lot more to the identity management story and idea of permission than just using single sign on technologies to enable easier access for users to a variety of different applications. By extending the concept, it can be used to control not only who has access to what application or data, but what group of people have access to what application/data and, more importantly, what applications (or application components) have access to what other applications and data. This idea of managing data exchange and application access through the concept of groups is particularly powerful when the groups have membership that spans multiple organizations, for instance, as you might find when individuals in different government agencies have common interests and shared objectives (like monitoring security issues) and need to share information across those traditional agency or corporate boundaries while still maintaining security.
-1-