19 Jul 2014
A new identity relationship
I’ve been writing on this blog about identity and relationships for a long time (some samples…)....
13 May 2013
New: Modern authorization systems and XACML
Over on the Forrester blogs, I take a look at XACML, advocating that it needs to...
2 Apr 2013
Consensual impersonation is delegation done very wrong
I’ve got a new post up on the Forrester blogs about “consensual impersonation”, which is what...
31 Dec 2012
New post: Make A Resolution: Kill Your P@55W0rD Policies
Over on the Forrester blogs, I’ve got a post meant to inspire IT folks to think...
12 Mar 2012
New post: Venn of access control for the API economy
Up on the Forrester blogs, I present a new Venn diagram that compares OAuth, OpenID Connect,...
13 Feb 2012
New: strong authentication research: “bring your own token”
Over on the Forrester blogs, I talk about my just-published TechRadar™ on strong authentication, and the term...
24 Oct 2011
New: Musings on SCIM after IIW
Over on the Forrester blogs, I talk about the latest progress on Simple Cloud Identity Management...
15 Jul 2011
New: Report contemplating OAuth and “Zero Trust identity”
Is it possible for an enterprise to turn itself inside-out? Apparently so. I’ve got a new...
10 Jun 2011
New: “Participating In Markets For Portable Identities In The Cloud: What’s The Coin Of Your Realm?”
I’ve got a new post up on the Forrester blogs, discussing a “markets for portable identity”...
10 May 2011
New: “Protecting Internal APIs – Is OAuth Ready For Its Closeup?”
Check out my new post on the Forrester blog, looking to hear about your experience and...