RSA Conference 2007

I got an opportunity to attend RSA conference here in Savannah (Hilton Island). It was more of a partner oriented conference but they talked about there product line and gave some of the new features of the products which are going to come in the market in next fiscal year.

I attended seminars on following products:

1) Authentication Manager 7.1 (Will be in the market in Mar-Apr 2008)
This product main focus is on Strong Authentication (one time password using hardware and software tokens). Software token is the good feature where in if the person forgets to carry the hardware token he can get the software token using self service. User has to answer security questions and software token will be sent to the user on either SMS or in a email.

They are also working on putting the software in the mobile phones for generating the token instead of carrying the separate device.

While attending the conference I asked how the software works on the cell phone? Is it the same software for all the users or is it user specific? I know these are silly questions but I never hesitate to ask questions so I did. They told me that software is same for everyone but the SEED is person specific and they also told me that one SEED can be assigned to three devices at the max at a single point of time. For example same SEED can be given on persons cell phone and same can be used for the hardware token also.
More on Authentication Manager in later posts after I can recollect my understandings.

2) RSA Key Manager

This product helps in managing the symmetric and asymmetric keys in the organization. It can be either for RSA products or it can also be used to manage encryption keys for home grown applications.

3) File Security System

RSA wants every content to be written in a secure manner and should be accessed by authorized persons ONLY. That is the reason they accuired a company who were in this area. This software works for putting the file contents in a secure manner and you can protect whole folder. You can then assign persons who can access those files and folders in a secure manner.

4) Database security System

This product secures the content of the database at a column level.

I will talk more about the inside of these products in the comming postings so keep reading.

Catalyst 2007

Yesterday I attended catalyst 2007. I met couple of different people looking for solutions in the IDM space. Here are few of them which i like to post in this blog

1) Intelligent Policy engine for IDM: One organization (I am not sharing the name) was looking for a policy engine which can interact with IDM product to provision user account on different systems (100+) based on user attributes. Administrators will manage these policy engine to define which user attributes will decide access to which applications. This policy engine is used by IDM product to provision the account on different systems. Currently IDM products are having rules where provision policy can be defined but they are very complicated to manage. Administrators who are not comfortable with the vendor specific language can not manage business policies. I will talk about this design in detail in separate topic.

2) Desktop SSO: I met with a product manager selling the idea of Desktop SSO. Idea is to pass the user credentials to end application (OS[Linux/unix], web application, legacy application etc) when prompted on application access. The product stores the credentials inside the desktop in encrypted manner for security reasons.

3) One organization has built the product which can be integrated with oracle IDM suite for provisioning physical access control.

Technorati : Burton