Thursday, June 28, 2007
Yesterday I attended catalyst 2007. I met couple of different people looking for solutions in the IDM space. Here are few of them which i like to post in this blog
1) Intelligent Policy engine for IDM: One organization (I am not sharing the name) was looking for a policy engine which can interact with IDM product to provision user account on different systems (100+) based on user attributes. Administrators will manage these policy engine to define which user attributes will decide access to which applications. This policy engine is used by IDM product to provision the account on different systems. Currently IDM products are having rules where provision policy can be defined but they are very complicated to manage. Administrators who are not comfortable with the vendor specific language can not manage business policies. I will talk about this design in detail in separate topic.
2) Desktop SSO: I met with a product manager selling the idea of Desktop SSO. Idea is to pass the user credentials to end application (OS[Linux/unix], web application, legacy application etc) when prompted on application access. The product stores the credentials inside the desktop in encrypted manner for security reasons.
3) One organization has built the product which can be integrated with oracle IDM suite for provisioning physical access control.