As the world’s fourth largest independent software company Symantec works with a diverse customer base spanning consumers through large enterprises, helping them protect their infrastructure, information, and interactions. Hear Symantec VP of Technology Rob Clyde discuss how digital IDs can be used and managed effectively in a world of increasing IT complexity and greater security challenges.

Authentication is often confused with identification. Meanwhile, non-identifying authorization is commonly used without understanding what is really going on. The haste to create security in a networked world often leads to over-identification - creating side effects - without actually making accurate authentication more likely. Jim Harper will explain the implications of these misunderstandings, and why a correct understanding of them is essential for identity management professionals.

Identity management started in the enterprise, but as silos of identity information have grown, so has the need for users of the internet to manage their identities. The crucial remaining question is: how do the largest sites on the internet view identity? This panel of executives from some of the internet’s largest sites will discuss the issues of ownership, control, portability and security that surround internet identity.

Identity’s growth is resulting in a myriad of technologies – user-centric, traditional identity management, virtual directories, federation, network access control, layered authentication and on and on. Join Phil Becker, Editor in Chief of Digital ID World, as he looks at the state of identity both today and into the future.

The Healthcare industry is turning to Information Technology at long last to help resolve issues of runaway costs and concerns about patient safety and quality of care. But the going is slow. There is a lack of agreement on how to reliably identify information on a patient when it is kept in many different hospitals and doctor's offices. Standards for communicating information electronically are not routinely employed. Scott Wallace will discuss the great promise of and considerable barriers to a digital transformation in healthcare.

You know you’re undertaking an identity management initiative. You've identified the business drivers and concerned business units. Your architectural principles are intact, and you're about to begin talking with vendors. Now what? Come and learn the essential questions that you should ask any vendor as you evaluate their product offerings.

The FFIEC guidance mandated that online banks and brokers institute "layered" and "risk-based" authentication mechanisms. But that guidance didn't solve the crucial hurdle: how to ensure a user experience that fosters adoption and use of these mechanisms.

In the Restaurant Industry high turnover and minimal computer training can make systems implementation and authentication a difficult proposition. Great systems design and Biometrics can make a big difference in the user experience.

These two deployment case stories demonstrate that strong authentication and a good user experience can both be acheived.

Federal-Mogul has embarked on several major consolidation initiatives: standardizing on one global ERP system, consolidation to one global Active Directory, deploying a global ID Management and Compliance solution, and consolidating or removing redundant systems across the company. This presentation will detail how Federal-Mogul has established a deployment roadmap and executed on a series of integrated initiatives to clean up orphaned accounts, develop, implement and govern roles across a heterogeneous environment, automate provisioning for security, efficiency, and to enable the new global ERP system, Active Directory, and system consolidations, and automate compliance for a global list of regulations.

First was "grassroots" identity; then the "laws of identity"; now it has become an ecosystem of groups working on URL-based approaches to identity management. Learn why URL-based identity matters to enterprises and individuals alike from the leaders at Netmesh, Sxip Identity and Verisign.

What are the foundational steps for any identity management initiative? Do you really need to understand enterprise rights management before you undertake a directory virtualization project? Phil Windley, author of Digital Identity, will walk attendees through the necessary groundwork for any and all identity initiatives.

Federated Identity has been the "hot topic" in identity for several years. Currently, enterprises that have deployed federated identity are coming "back from the trenches" with some key findings. Join companies like Boeing and Pay by Touch as they walk through how it is that they’re working to overcome some of the early limitations of federation technology - work that is driving them to success and deployment on a large scale.

The discussion of privacy revolves around issues of secrecy and information disclosure; currently pending privacy legislation in the United States, for example, penalizes disclosure of personal information, but reduces or eliminates penalties when the information disclosed has been encrypted.

In this talk, Bob will argue that equating privacy with secrecy is a fundamental mistake. Privacy is not about secrecy, and it's not about information. It's about human dignity, and there are better ways to protect human dignity than keeping secrets. Bob will examine the implications of his definition of privacy ("Privacy is the ability to lie about yourself and get away with it") and talk about how that definition can be used to think about privacy rights and how they arise in social and legal systems.

Bob Blakley is Principal Analyst at the Burton Group. He was until recently Chief Scientist, Security and Privacy, IBM. He has chaired the IEEE Symposium on Security and Privacy and the New Security Paradigms Workshop. He holds an AB in Classics from Princeton University, and an MS and PhD in Computer and Communications Science from the University of Michigan.

Provisioning has become the essential component for identity management. But achieving success in your provisioning deployment may not be as easy as it sounds. Hear Accenture, Regions Bank and The Hershey Company, as the people who have done it take you “inside” of their provisioning deployments.

Traditionally, "identity management" has been contained within the application layer, but a new breed of products (and vendors) is taking identity management out into the network layer. This session will give you a firm understanding of identity-based approaches to network access control, as experts from Identity Engines, Symantec and Enterprise Strategy Group explore this groundbreaking topic.

Many companies are struggling with the financial and time investments of implementing complex role-based Provisioning solutions and the long project schedules that take forever to return any value. In this session you will learn how Raymond James Financial has struggled with these issues and overcome them through a combination of innovative processes and technologies to continue to provide automated provisioning value in short periods of time.

Banking is widely recognized as a heavily regulated corporate environment. Under internal and external oversight, all authentication and authorization stored come under scrutiny, driving up the time and cost of change for any Identity Initiative. This presentation will describe a successful approach to centralizing authentication and authorization of distributed Identity Information has been deployed at Fifth Third Bank by federating disparate directories through virtualization. The primary business goal of this initiative was the construction of a logically "federated" identity repository for bank employees followed by B2B and B2C identities. This foundation, established over the past year, is enabling a wide variety of service applications driven from a common set of identity, security, and entitlement services.

BC Hydro, a Canadian electric utility, had multiple online applications serving business and consumer customers that didn’t talk to each other. A customer-centric approach was taken to bring various online services together through a single sign-on customer portal. In production almost 3 years, the single sign-on now serves 200,000 customers with tools such as online billing, consumption information, newsletters and outage information. This successful identity management application improved customer satisfaction through much easier access to energy information. Also, BC Hydro has realized improved efficiencies from automation, in customer support as well as deployment of new applications. Working with a framework of local and remotely hosted applications, new services can now be offered without building new access controls.

In this session, Mike Wenzlaff, eBusiness Specialist, will review BC Hydro's original challenges, discuss the deployment of their customer portal and examine the benefits realized through their identity management solution. The environment of a highly regulated utility serving business and residential customers may illustrate parallels in other organization

Enterprises and governments need to reliably identify users in order to share information and conduct online services. However, threats such as phishing and identity theft continue to undermine trust and reduce confidence in Web usage. At the same time, today’s identity information silos result in users having their identity verified by each organization they interact with. This results in their identity data only being valid inside each of these organizations. Consequently there is a confusing array of identity management user experiences. There is no portability of digital identity between government agencies or out to the World Wide Web. This is further complicated by privacy legislation which is needed to ensure that access to citizen data is tightly controlled.

Several identity solutions and government initiatives have emerged to tackle this problem. None have been able to address the interests of all the parties. As things stand, there is still no way to know who is really who online. This case study from the Government of British Columbia will discuss a person-centric approach to handling digital identity.

Enterprise Rights Management is all about authorizing the proper usage of applications and resources via identity. Join Oracle, Fenwick and West and Fluor as they discuss their successful ERM deployments – and learn how their "lessons" can help smooth your initiative's path to success.

Meta-directories have their place, but virtual directories have quickly become a key piece in all identity management deployments. In this session, companies like Motorola will help you understand how and where to use virtual directories in your deployment architecture.

Compliance has been the primary driver of identity management deployments over the last year. Having deployed those solutions, companies are now looking to automate the enforcement of compliance policies. Innovative companies like EpicTide, Aveksa and Virsa (recently acquired by SAP) will address this new problem and some of the possible solutions.

The Trusted Computing Group has long played a role in the world of identity – one that hasn't been well understood. From the TPM to NAC, trusted computing builds the critical foundation for a secure identity deployment. This session puts users on stage, as they talk about leveraging the work of the TCG.

The Digital ID World Awards are given yearly to recognize those individuals or organizations that have made a significant contribution (technology, policy, business or deployment process, or social impact) to the digital identity industry. The Liberty Alliance IDentity Deployment award (IDDY) recognizes the best ID management deployments and the value they bring to businesses, governments, citizens, and consumers around the world. This year's award winners will receive their awards at this session.

Today, digital identity issues cross a wide spectrum, including both the social and business aspects of every day life. Lewis will put identity management in context, in terms of the broader enterprise IT strategies IdM enables, the larger social implications of digital identity, and the sociological and technological trends driving identity management systems. He'll discuss the evolution of enterprise Identity Management services in relation to overall enterprise IT architecture. The presentation will also discuss the evolving notion of an identity "metasystem" for the Internet, "user-centric" digital identity and its implications, and both the upside potential and downside risks inherent in digital identity systems.

Journey with XL's CSO as he navigates the path that took his company from a disjointed, decentralized group of companies with multiple user identities to a centralized, shared services environment where all users have One Identity. Learn how the company structured a cohesive, multi-tiered architecture that creates and manages user identity, both internally and externally, from provisioning to de-provisioning, and with a clear path into the future.

Identity information is the currency of the electronic crime underground. David Jevans will report on the most recent findings in the evolution and sophistication of phishing and crimeware. An attack taxonomy and threat models will be presented, along with their implications for authentication and identity management technologies.

As healthcare moves to a network of interoperable electronic medical records, we are faced with both questions and opportunities for managing patient identity. In this interactive session you will learn more about the envisioned National Health Information Network (NHIN) and the various patient identification models being proposed in association with it. We will examine the cultural and technical obstacles unique to healthcare that impede reaching consensus on which of these models to adopt, and discuss how to apply expertise and lessons learned from other industries to the development of a comprehensive identity management solution in healthcare.

InfoCards is the Microsoft identity initiative in Vista. But the anticipated widespread use of InfoCards will have a huge impact on how enterprises deploy identity management systems. Industry leaders from Microsoft and Ping Identity will address the as-yet not fully understood topic of InfoCards within the enterprise deployment.

Compliance automation has increased the focus on roles, showing early concepts such as the strict NIST RBAC model to be lacking. This has forced innovation both in how roles are viewed, and in the technology to create the sustainable role definition and management that compliance requires. This panel examines these new outlooks and approaches and how they integrate into and affect identity management.

Sarbanes-Oxley has been a prime driver for identity management deployments. In the wake of those deployments, enterprises have learned what they need to be successful. This panel of expert implementers from Regions Bank, ADP, Burlington Coat Factory and Network Appliances will share their discoveries about identity management in a SOX world.

Identity management and information access in the health care environment present many challenges. First, the protection of confidential and sensitive data is a federal requirement. Second, the broad and immediate access to patient specific information is essential. How do we grapple with seemingly opposing objectives?

Getting access to information can be burdensome. It often leads one to play “cat and mouse” with security administrators and leads one to exhibit “worst” practice behavior. Biometric and card solutions are extremely beneficial but not always practical, convenient, or infallible. A hybrid approach to authentication may resolve some of these issues; an approach that uses multi-factor methods to place the burden of authentication on the system, not the user.

This approach, coupled with access continuity and context integration, greatly improves the interaction between man and machine.

Phishing, Fraud, Spam, etc. have created a lot of pressure to "do something." This panel explores what experience has demonstrated about the effectiveness of various technological approaches to combatting online identity-based fraud.

Higgins is a framework for open source identity components that isn't widely understood. Many think it’s a competitor to Microsoft's InfoCards initiative – which isn’t exactly true. This session puts leaders of the Higgins project on stage, so that you can get the skinny on Higgins.

All identity management projects grow to include the management of roles within an organization. Simple it would seem, but not so when roles proliferate at scale. This session will help you understand innovative new techniques for managing roles at scale.

Traditional identity management products have worked on the identity problem in the application "layer." But Network Access Control (NAC) products are now handling identity in the network "layer." The effect is a new round of product revisions as these layers interact with and integrate with each other. Understand what’s behind identity's latest innovation.

Web-based SSO has long been the province of identity management, but a whole new space has opened up with regards to movement of identity data through SOAP-based web sevices channels. This session addresses how web services are being secured with standards-based identity mechanisms like WS-Trust.

The infrastructure for identity management is changing in both public and private organizations to provide better validation of identities, improved authentication of users for both physical and logical access, and improved security and privacy of the user's personal information. This session will bring a critical understanding of how the infrastructure is changing and how smart cards are being used in identity management systems to ensure the integrity of the chain of trust and to enable the convergence of physical and logical access.

This presentation will cover Integration Architecture and Alignment Approaches to Identity enabled Networks (CoreIP, Programmable and Sensory Networks) and Identity enabled Network Services (IMS, IN and OA&M Services). It is based on multiple Case Studies and Proof of Concepts. Background on why an identity system is the core building block that adds User Centric Intelligence to everything in a network and other white papers relevant to this presentation may be found by clicking here.