        |
One of the more interesting sessions at the recent "first annual SSO Summit" was an open space presentation called "Where do OpenID and InfoCards fit?" OpenID is getting the spotlight now, but InfoCards will win in the end. It's a conclusion the whole group appeared to agree with as we found numerous ways that the CardSpace technologies could eventually become quite useful to the enterprise.
I recently attended the first annual SSO Summit at the Keystone resort near Denver and I was very much impressed by the level of discussion that took place. The attendance was small (a little over 100 attendees), but most were security and/or IT managers, execs and implementers from fairly large organizations. And all were willing to share their own experiences, and their questions, about the right path to take and the right reasons to take it for reducing the number of authentication points a user needed to see during the course of the business day.
Brian Campbell of Ping Identity, Co-chair of the OASIS Security Services Technical Committee, on the importance of SAML.XML.org.
Ping Identity among 2008 Laureates. On June 2, 2008, the Laureates Class of 2008 were honored in Medal Ceremonies at the Andrew W. Mellon Auditorium in Washington D.C. This is one of the Program's more diverse and accomplished groups in recent history, and we would like to congratulate each and every Laureate, whose innovations with information technology benefit us all.
QUESTION 2: What are the sign-on, access and authentication policies?
The most common way to get at an application via the Internet is via a username and password. "The normal way is to go to their front door," says Patrick Harding, chief technology officer for Ping Identity, a Denver company that makes identity federation software. But a growing number of companies are working with their service providers to pull the SaaS sign-in process into the bounds of their firewall or VPN, providing a higher degree of authentication.
I’ve a feeling that Andre Durand and his merry band at Ping will be quicker off the mark to integrate the (mainly) Web SSO technology they acquired from Sxip. It’ll be interesting to see what Ping does about the name, though, as Sxip Technology will still exist and its Sxipper application for Firefox will continue to be available.
On 11 March 2008, Ping Identity, a federated single-sign (SSO) software provider headquartered in Denver, Colorado, announced the acquisition of Sxip Access, an identity management gateway developed by Vancouver, British Columbia-based Sxip Identity. Sxip Access will be sold alongside PingFederate, Ping's multiprotocol federated SSO solution, which includes integration kits for portals, custom applications and identity management systems. Ping will also acquire the Sxip Access development staff. Sxip Identity will focus on consulting and on its Sxipper product, a free sign-on/form-completion plug-in for the Firefox Web browser.
The acquisition of Sxip Access is a smart move by Ping Identity. Although it can be used to provide SSO for SaaS, PingFederate (the company's flagship multi-protocol federated identity offering) lacks some of the rapid implementation and deployment capabilities of Sxip Access. Part of the SaaS proposition is that organisations can get up-to-speed much more rapidly. Authentication and authorisation shouldn't hold you back: something that Sxip Access should help to prevent. Back in September Ping began to actively target the SaaS opportunity, allowing providers to sell PingFederate-based SSO to their customers and share the revenue with Ping. Yesterdays announcement should accelerate this.
Denver-based Ping Identity, an identity management company, said Tuesday that it acquired Sxip Access, a Software as a Service (SaaS) product, from Vancouver-based Sxip Identity, for an undisclosed amount. Sxip offers a product for on-demand identity management. The deal is expected to help Ping accelerate development of its various product offerings. Ping’s statement highlights a Gartner estimate that the SaaS market will grow at double the rate of the total enterprise application market though 2011.
ecuring "enterprise 2.0" (largely SaaS-driven) applications is one of the huge blind spots in that space. Something that Michael Barrett, CISO of PayPal, compared to "giving a child scissors and telling them to go run around." Moving to solve that problem is good for Ping, good for Sxip, good for CSOs everywhere, and good for identity in general.
  |
