IBM, CA, Microsoft, Nortel, Novell, the US Department of Defense, VeriSign, and others collaborate on personal digital identity. OASIS, the international open standards consortium, has formed a new group to enable the use of Information Cards to universally manage personal digital identities. The OASIS Identity Metasystem Interoperability (IMI) Technical Committee will work to increase the quality and number of interoperable implementations of Information Cards.

Technology advances have enabled about a quarter of the world's population to connect to the global telecommunications system from a variety of devices. These include fixed and mobile telephones, laptop PCs and even mainframe computers, provided they can get a line. In the not-too-distant future, millions, even billions, of machines will talk directly to other machines over the global networks. This makes it increasingly important to understand who (or what) one is addressing in an online communication.

At the recent SSO Summit I moderated a panel of single sign-on implementers. One of them, Christopher Paidhrin HIPAA & IT security officer for ACS Healthcare Solutions, was kind enough to let me share with you his "best practices" list which he calls: "To Do & Not To Do: SSO implementation lessons learned."

URL: http://www.networkworld.com/newsletters/dir/2008/081108id2.html 

Every time we think we've finally gotten a handle on the user provisioning/deprovisioning issue something comes along to disabuse us of that notion. In this case it's the results of a survey of attendees at last spring's Directory Experts Conference (DEC) put on by NetPro.

The state of Iowa recently became the 43rd state to pass a data breach law that requires a company to give its consumers notice should the company discover its consumer's personal information is compromised. In states with laws like Iowa, the primary concern is ensuring that data stored to tape is encrypted so in the event the tape is lost or stolen, the data is considered unrecoverable.