Drew Wagar's Weblog.
All
|
Astronomy
|
Automotive
|
Identity
|
Industry
|
Miscellaneous
|
Technology
|
Whinge of the week
Thursday December 01, 2005 |
|
Entire-ID : Launching today!
I've been dropping enough hints about this for the past few weeks, and since we're about to go public with it (infact it just went live on the main Sun UK site as we speak - direct link here!), I think it's about time that you all got a low down on the monster that has been consuming my time for the last few months. (Other than the normal day job of course!) Here it is...ta da!  So what is Entire ID? Well, it's a pre-integrated and pre-tested system designed to provide the complete backbone infrastructure of an Identity control system. I will introduce it today and then go through some of the details section by section in future entries. The first issue it addresses is 'Registration'. How do you strongly associate an individual (citizen, employee, user or customer) with an electronic credential? Consider, if you can't guarantee the authenticity of the users who sign up to your system, any security you apply down the road is meaningless regardless of how good it is. Registration is key... and talking of 'keys', the (ahem) key output of the registration process is a digital certificate strongly bound to a registree. We also force the registration process itself to comply with E-Gov level 3 (Beyond reasonable doubt) legal requirements along with a whole bunch of other UK and EU legislation. Next up is provisioning. Once we've got a user, we need to propogate and manage that user across all the systems and services they need to access. We need to do this in a way that is easy to manage, scalable and compatible with a huge variety of technologies. We also need to 'provision' the user with a Card... Which brings us to Card Management. That digital certificate needs to be managed and placed on a card automatically (along with optional stuff like biometrics, photo/images and data). We also need to manage issuance, renewal, lost/stolen process etc etc... We also need to use that card. Thus we provide authentication and authorisation services against that digital certificate, and in our demo example, create SSO tokens as a result of successful authentication (but you could do all sorts of interesting stuff - building access, car park spaces, online authentication...). There is also a whole bunch of federated stuff in here too... Finally, we need to wrap an auditing function around all this, so we can provide and end to end view of the lifecycle of identies through the system. It looks like this.  What you have in essence, is a pre-built, pre-integrated and pre-tested PKI authentication mechanism that manages sign-up, user provisioning, access and card management, using open standards and federation as guiding principles. Can you think of anyone who might need one of these? ;-) We've been partnering with a few companies to provide this solution as you can see. It's worth pointing out at this stage some top techie dudes here as well: Patrick (Objectsoft), Pascal(ActivCard - now ActivIdentity) and Marc (Isosec) who are the brains behind much of this. There is also the extended sales team (Brian, Les, Nigel, Giovanni, Robert and the other Les ;-) and our marketing lady, Suzie , who has been instrumental in bring all the stuff together for shows and events. (She still can't spell 'compatible' right though ;-) The website is a bit sparse at the moment, you know how it is when you're playing with technology, documentation is so... tomorrow. One other thing though, I designed the entire logo myself using a copy of paintbrush on my laptop and used the official sun colours... it got all the way through marketing without being altered. How cool is that? LOL! ( Dec 01 2005, 10:29:14 AM GMT / Dec 01 2005, 10:06:23 AM GMT ) Permalink Comments [0] Trackback: http://blogs.sun.com/Drew/entry/entire_id_launching_today |
|
|
Trackback URL: http://blogs.sun.com/Drew/entry/entire_id_launching_today
Comments:
Post a Comment:
Yep, me.
| « November 2009 | ||||||
| Mon | Tue | Wed | Thu | Fri | Sat | Sun |
|---|---|---|---|---|---|---|
1 | ||||||
2 | 3 | 4 | 5 | 6 | 7 | 8 |
9 | 10 | 11 | 12 | 13 | 14 | 15 |
16 | 17 | 18 | 19 | 20 | 21 | 22 |
23 | 24 | 25 | 26 | 27 | 28 | 29 |
30 | ||||||
| Today | ||||||
 moon phases |
- Get my RSS Feed!- Off to pastures new!
- Stupidest piece of tat with football branding on...?
- Football
- Karate update...
- Nerina Pallot's new album
- When I rule the world...
- Last bit from Infosec 2006
- Report from Infosec 2006
- Infosec 2006
- Karate!
- Proud Dad thing...
- Office Shenanigans...
- So it's a voluntary ID Card then...
- Found my car on Google Earth!
- Narnia : Coming back through the Wardrobe...
- Out of the way, I'm coming through!
- Signs of the times...
- Thin clients in the news again..
- My family is on its way to Pluto...
- Incoming space debris...
- Computer game generation gap...
- Snow!
- Happy new Year!
- Are you feeling secure now?
- Why can't the US make decent film adaptions?
- Yep, did it!
- Will I get to meet Jonathan Schwartz then?
- Register fails to register...
- Free software : Our new big bet...
- Aloha!
- Er... Hello World!?
- Swearing at the Radio... Nuclear Power
- Entire-ID : Launching today!
- Reality meets the blogosphere
- Conference Season!
- Driving a steam train...
- ID Cards again
- I've no idea whether anyone will find this remotely interesting...
- Hey, cool! And, thanks!
- Full steam ahead!
Today's Page Hits: 0