Whos Who When

Identity management and user provisioning are getting easier-if your directory ducks are in a row.

A bevy of single-purpose single-sign-on products, biometric devices and integrated identity management frameworks promise reduced operational costs through streamlined user-rights provisioning. However, not much has been done to improve these systems reputations for being difficult to implement, so government regulation is still the biggest driver for deployment.

eWEEK Labs has found that most of the products on the market today will help IT managers control access to sensitive data. However, organizations that dont have at least a winnowed-down enterprise directory and a stable, well-understood set of applications should put identity management on hold for now.

The good news for IT managers who do face regulatory obligation is that most of the products we looked at will help smooth the way to provisioning identity management and single sign-on. However, long-term savings will remain elusive until the underlying directory mishmash is unified.

The identity management tools we looked at for this report are oriented almost exclusively toward human beings. In the coming year, Web services—and the need to authenticate and authorize other computers along with applications and services running in the network—will force a paradigm shift to encompass any computing resource. New specifications from technical committees at the Organization for the Advancement of Structured Information Standards, or OASIS, should therefore be on IT managers radars. (Go to www.oasis-open.org/committees/wss/#announcements for more information.)