InfoQ Homepage Identity Management Content on InfoQ
-
Google Releases a Managed Service for Microsoft Active Directory (AD) in Beta
In a recent blog post, Google announced the beta release of the Managed Service for Microsoft Active Directory (AD). With this service, Google acts as a managed service provider for any customer requiring Microsoft AD, and will the cloud provider will take care of the patching and maintenance of Microsoft's identity and access management service.
-
W3C and FIDO Alliance Finalized WebAuthn, Web Standard for Secure, Passwordless Logins
The World Wide Web Consortium (W3C) and the Fast IDentity Online (FIDO) Alliance recently announced that the Web Authentication (WebAuthn) specification is now an official web standard. WebAuthn allows users to log in via biometrics, mobile devices and/or FIDO security keys, with higher security over passwords alone.
-
Sign In with Apple Touts Single Sign-On without Sharing Your Data
At the recent WWDC 2019, Apple announced its own Single Sign-On (SS) service, dubbed Sign in with Apple. Deemed "Apple's most significant new innovation" by Time, Sign in with Apple promises not to share any personal user data, including email addresses.
-
Introducing Interoperable Blockchain Identity Solutions with Hyperledger Aries
In a recent blog post, the Hyperledger project announced their 13th project called Hyperledger Aries, which provides an interoperable identity management toolkit that enables creating, transmitting and storing verifiable digital certificates. Using this toolkit, organizations can support, secure, interoperable peer-to-peer messaging across different distributed ledger technologies (DLT).
-
Open Policy Agent Accepted as CNCF Incubation Level Project
The Cloud Native Computing Foundation (CNCF) accepted the Open Policy Agent (OPA) as an incubation-level hosted project on April 2nd. OPA is an open source, general-purpose policy engine. OPA targets cloud-based enterprise technology companies with a solution that offloads service level policy management to a unified, context-aware policy management solution.
-
HashiCorp Vault 1.1 Adds Secret Caching and Transit Auto Unseal
HashiCorp has released version 1.1 of Vault, their secrets and identity management tool. With this release there is now support for secret caching by Vault Agents, authentication to Vault via OpenID Connect, and using a Vault cluster to auto unseal another Vault cluster via transit encryption.
-
AWS Identity and Access Management Gains Tags and Attribute-Based Access Control
Amazon Web Services (AWS) recently enabled tags for IAM users and roles to ease the management of IAM resources. Notably, this release also includes the ability to embrace attribute-based access control (ABAC) and match AWS resources with IAM principals dynamically to "simplify permissions management at scale".
-
Google Releases New Security Features for Compute Engine: Resource-Level IAM and IAM Conditions
Google announced two new Cloud Identity and Access Management (IAM) features to help customers manage their security and access control in the Google Compute Engine better. These features are the resource-level IAM to set policies on individual resources, and IAM conditions to grant access based on predefined conditions.
-
Tim Berners-Lee Introduces "Solid" Decentralized Identity Platform
Solid is a new decentralized identity platform from WWW Creator Tim Berners-Lee. Solid provides a mechanism for users to own and better control the usage of their data.
-
OpenID Loses Major Proponent, StackOverflow
OpenID has lost one of its largest proponents. Stack Exchange, the company behind StackOverflow and other Q&A websites, will be completely eliminating support for OpenID on July 25, 2018. This continues a long running trend of websites eliminating OpenID from their offerings.
-
The Lowdown on Face Recognition Technology
Facial recognition is a direct application of machine learning that is being deployed far and wide to consumers, in the industry and to law enforcement agencies with potential benefits in our daily lives as well as serious concerns for privacy. facial recognition models show above human performances but real world implementation remains problematic for some applications.
-
Susanne Kaiser on Microservices Journey from a Startup Perspective
Susanne Kaiser, CTO at Just Software, spoke at the recent QCon New York 2017 Conference about the transformation process her team went through to transition from a monolithic application architecture to microservices model.
-
AWS Organizations Offers Centralized Policy-Based Account Management
After a three month preview since re:Invent 2016, Amazon Web Services has recently moved AWS Organizations to general availability. The new service allows to centrally manage multiple AWS accounts within a hierarchy of organizational units and attach service control policies with fine-grained access permissions. AWS Organizations also supersede the formerly separate consolidated billing feature.
-
Apache Ranger Graduates to Top-Level Project
Apache Ranger, a security management framework for Apache Hadoop ecosystem, graduated to top level. Ranger is used as a centralized component to define and administer security policies that are enforced across supported Hadoop components such as Apache HBase, Hadoop (HDFS and YARN), Apache Hive, Apache Kafka, Apache Solr, among others.
-
NIST Guidelines Require Second Auth Factor When Using Biometrics
NIST has released a public draft of new Digital Identity Guidelines, described as “a significant update from past revisions.” The guidelines describe acceptable use of multi-factor authentication (MFA). Furthermore, when using biometric data as one authentication factor, it must be combined with something you have, and not something you know, such as a password.