One of the hardest nuts to crack has been for the industry to develop a capability for IT professionals that makes identity authentication easy while at the same time making it more secure. Recently, in fact, the FIDO (Fast IDentity Online) Alliance was formed to come up with a framework solve this problem. It turns out that ForgeRock Inc., a leader in the area of open source identity and access management (IAM), with an update to its Open Identity Stack, has been a solution that can fit the bill as well.
The company says its latest iteration of ForgeRock Open Identity Stack: “Is the only unified, one hundred percent open source stack to secure applications and services across enterprise, cloud, social and mobile environments. The new release builds on ForgeRock’s simple, modular, lightweight architecture that provides developers with a single API across their entire stack.” They have a great point.
Eve Maler, Principal Analyst, Forrester Research, in a Forrester report, Navigate The Future Of Identity and Access Management, sums up the challenge nicely. She states, “IAM in 2012 has become a tool not just for security but also for business agility…Competitive challenges push businesses into the cloud and encourage mobile device use even without full-fledged access controls in place. These trends create pressing provisioning, authentication, and authorization challenges for [Security & Risk] professionals. All the while, security threats and compliance requirements continue to swell.”
As with the FIDO initiative, “OPEN” is the key. History says that with IT and communications solutions, all boats actually do rise when the tide comes in. This is why ForgeRock’s Spring 2013 release is likely to resonate.
Open for business
The platform includes the latest versions of OpenAM for service access management and OpenIDM for identity management. As ForgeRock notes, with OpenAM 10.1, customers now have the complete support of the OAuth 2.0 standard. This translates into allowing end-users the ability to authorize third-party access to their server resources without sharing their credentials. Put simply this means giving the user access to valuable resources without the possibility of exposing invaluable corporate authentication information. The company has also redesigned its session failover to provide high-availability. Using OpenDJ this means easier implementation and deployment.
On the identification side of things, OpenIDM 2.1 is now optimized for Internet scale. High availability and better performance are also improved based on the use of a discovery engine that is multi-threaded and clustered. The discovery engine enables IT managers to synchronize users across different data stores. It also ensures records are accurate and up to date in support of compliance and audit requirements. In addition, OpenIDM 2.1 embeds the Activiti Business Process and Workflow engine, a comprehensive, lightweight and scalable industry standard Business Process Model and Notation (BPMN) Version 2.0 compliant solution to support workflow driven provisioning and identity management.
“As core contributors to the OpenIDM project it has been extremely rewarding to see the growing number of companies that have adopted Open Identity Stack,” said Nathanael Coffing, vice president, business development, Syntegrity Networks. “The latest Open Identity Stack release is focused on further simplifying and streamlining identity and access management for users. We expect this momentum to only continue to build with time, and look forward to continuing to create the features most beneficial to organizations.”
As the user community continue to look toward open solutions, ForgeRock is thinking about those whose legacy systems are proprietary and are in the process of losing support from their vendor. In fact, in an invitation to SUN IAM customers, facing Oracle’s end-of-life policy for OpenSSO and Waveset, ForeRock says that its solution gives those users, “the opportunity to continue building next-generation features on top of their existing IAM investments…Organizations will have the option to strategically plan for upgrading their Sun IAM deployment. “
“Developers, architects, and users have been asking for a unified stack with these capabilities for the last 10 years,” said Mike Ellis, CEO, ForgeRock. “With the new release of our Open Identity Stack we have strengthened our revolutionary approach to identity and access management, providing developers with a truly integrated, open-source identity platform to tightly control their enterprise, cloud, social, and mobile systems. By providing a high value driven platform for IAM that enables true cloud scale functionality, ForgeRock is allowing enterprises globally to expand their reach to customers, suppliers and consumers through a common cloud technology platform.”
“As core contributors to the OpenIDM project, it has been extremely rewarding to see the growing number of companies that have adopted Open Identity Stack,” said Nathanael Coffing, Vice President, Business Development, Syntegrity Networks. “The new release of Open Identity Stack further simplifies and streamlines identity and access management for users. We expect this momentum to only continue to build with time, and look forward to continuing to create the features most beneficial to organizations.”
As the annual RSA event draws near, it is not surprising that ID and service access management issues have started grabbing headlines. Industry buzz, as exhibited at TMC’s recent ITEXPO event, where a featured panel on the future of cloud computing became a fascinating discussion about the future role of IT, is now focused on how IT can regain control over the trend to “shadow IT” where lines of business look to the cloud for fast solutions to their problems rather than wait for an internal fix and thus potentially expose enterprises to significant risks. ID and service access management administered by IT in a robust manner is the path to give IT the control they want while enabling end users the access to services they desire.
ForgeRock’s pioneering efforts on Open Stack, are a path that is going to gain considerable consideration. If nothing else, RSA sessions on the subject and listening for more detail on all of the solutions emerging to solve the problem of easy but strong authentication and service access are sure to be lively.