Identity’s growth is resulting in a myriad of technologies – user-centric, traditional identity management, virtual directories, federation, network access control, layered authentication and on and on. Join Phil Becker, Editor in Chief of Digital ID World, as he looks at the state of identity both today and into the future.

VRM, or Vendor Relationship Management, is the reciprocal of CRM or Customer Relationship Management. It provides customers with tools for engaging with vendors in ways that work for both parties. CRM systems until now have borne the full burden of relating with customers. VRM will provide customers with the means to bear some of that weight, and to help make markets work for both vendors and customers — in ways that don't require the former to "lock in" the latter. The goal of VRM is to improve the relationship between Demand and Supply by providing new and better ways for the former to relate to the latter. In a larger sense, VRM immodestly intends to improve markets and their mechanisms by equipping customers to be independent leaders and not just captive followers in their relationships with vendors and other parties on the supply side of the marketplace.

For VRM to work, the appropriate identity infrastructure must exist. In this keynote presentation, Doc Searls, co-author of The Cluetrain Manifesto, Senior Editor at LinuxWorld, and the driving force behind VRM will explain the role that identity will play in reshaping the relationship between Demand and Supply.

The perimeter of the Enterprise is being dissolved by the fluid movement of people, information and devices in response to continuous reorganization, outsourcing and expanded relationships. Information systems must be assembled and reassembled with increasing agility, across more complex, unpredictable and permeable boundaries. This presentation will show how digital claims help both users and systems overcome these problems. This will include the benefits of defining roles and personas as Digital Identities backed by multiple authorities with credibility in specific and different contexts.

The move from an economy primarily centered on goods to one centered on services means that we conduct fewer and fewer anonymous transactions. Most interesting services require at least pseudonymous identifiers. Identity system are becoming ubiquitous. But what are the foundational steps for any identity management initiative? Do you really need to understand enterprise rights management before you undertake a directory virtualization project?

Phil Windley, author of Digital Identity, will walk attendees through the necessary groundwork for any and all identity initiatives. This session will also introduce recent advances identity, including user-centric identity technologies such as OpenID, i-names, CardSpace, and others and to show how they can be used in Web applications.

Traditionally, authentication has been thought of as a "binary switch" – you’re either "authenticated" or "not authenticated." But more recently, authentication is coming to be seen as a risk management spectrum – where you can be partially authenticated. In this session, you’ll hear from leading enterprises that are implementing this approach.

This interactive panel discussion will focus on the lessons learned from an implementation of an identity management solution at Sun Microsystems. Key topics for discussion will include balancing existing processes against standard functionality, involvement of key stakeholders, early validation of base functionality, accurately estimating the effort, the importance of testing and staging environments (and test cycles), role definition, issue resolution and escalation across business owners, identity management solution vendors, managed resource vendors and system integrators.

Logon IDs, access rights, groups or share permissions, etc. are the attributes that define a person's "Identity" within an organization and more importantly they all require management. Simplifying the management of these identities to meet regulatory compliance is the challenge. Find out how Identity Management enables Identity Compliance.

After years of false starts and protocol wars, federated identity has turned the corner of mainstream enterprise adoption. But what are the pitfalls as you seek to deploy federated identity technologies? In this session, you’ll hear from both enterprise and government, as they relay how they made their federated identity initiatives succeed.

With 35,000 employees, 2100 offices and millions of customers, The First American Corporation must secure, manage, and audit identities and access to critical and private information. Learn how the company is addressing this with enterprise-wide entitlement management, and understand how to leverage these experiences in meeting your identity and security needs.

A lot of folks refer to it as "the big bang" – that anticipated moment when interoperability and convergence happen around internet-scale identity systems. Some claim the big bang is right around the corner, others aren’t so sure.

We don’t know what the future holds for convergence of internet scale identity systems. What we do have is a diverse community of intelligent people working hard on making this reality in the Identity Commons working groups. We will tap this well of knowledge and outline a range of possible futures.

This session will present the results of a scenario planning exercise conducted on Sunday afternoon before the conference. "Panelists" will be those selected to present the scenarios.

The McGraw Hill Companies is a leading information services provider meeting world wide needs in the financial services, education and business information markets through brands such as Standard and Poor’s, Business Week and McGraw Hill Education. The corporation has more than 300 offices across 40 countries. McGraw Hill is currently implementing an end-to-end solution for identity management across its global offices and has already successfully implemented user provisioning to address their IT, security and compliance needs.

This presentation will provide an overview of The McGraw Hill Companies' implementation. The speaker will detail the business drivers, the planning, and the approach behind the deployment and share lessons learned and recommendations based on such. The presentation will also discuss the successful results as well as the future plans for Security & Identity Management implementation at The McGraw Hill Companies. The audience will learn the do's and don'ts for a successful global identity management implementation.

In this presentation, Mr. Dully will provide an overview of a single signon implementation in healthcare. This is a mature implementation, providing transparent and secure single signon access to Electronic Medical Records and scheduling applications for all physicians practicing within a network of "paperless" hospitals.

This implementation is unique in that it has dramatically improved accessibility and utilization of clinical applications while also making them more secure.

Over the past year and a half OpenID has seen incredible growth from a grass roots community up to implementations and support from companies like AOL, SUN Microsystems, and VeriSign. This session will take a look at how OpenID is different from past solutions, why it is gaining traction, and how it can be used within an enterprise.

Provisioning has become the essential component for identity management. But achieving success in your provisioning deployment may not be as easy as it sounds. Hear Suntrust Banks, BankUnited and others take you "inside" of their provisioning deployments.

Discover Financial needed to consolidate disparate authoritative identity sources into a single directory that could be accessed by various applications while allowing the existing data owners to maintain control. Using virtualization, they standardized access to applications and simplified their directory environment by creating an abstraction layer across their existing identity systems to handle digital identity.

Intel is researching a new platform capability that provides a hardware secured environment in which a wide variety of identities can be safely provisioned, stored, managed, and used for any kind of electronic access/transaction. This session will be complemented by a proof of concept demonstration developed by Intel, Hewlett Packard (HP), and British Telecom (BT) whereby BT uses HP provisioning services to securely provision a Software SIM identity onto an Intel ICP that is subsequently used to connect to the BT wireless network.

During this session you will gain an understanding of how identity and access management solutions create the foundation for evidenced- based digital trust within the enterprise. Best practices and success factors for implementing identity management and federated identity management solutions will be discussed. Presenters will also review a case study highlighting an actual solution implementation that will enable you to benefit from key lessons learned.

This session will describe the evolution of identity at AOL. Starting with the identities associated with dial-up account to the present implementations of open standards. We will look at the changes to the data model and architecture, as well as the business justifications for the move to open standards.

BizTalk Services provides a next-generation platform technology for building composite applications, interconnecting disparate systems, providing communications between endpoints, coordination of business processes, security for access control and data protection, as well as analysis and management of composite applications. One of the key facets of BizTalk Services is the interoperable Identity Provider Service. From a functional perspective, third party web sites and applications can use the Identity Provider Service for authentication and access control.

This talk focuses on the Identity Provider in BizTalk Services. It starts with an introductory view of the Identity Provider in BizTalk Services, then shifts to a series of demonstrations.

Organizations and industries are investigating existing and emerging Identity Management technology capabilities to better connect people, processes and information across business communities and networks. Software as a service ("SaaS") is all the rage when it comes to delivering CRM or similar applications. But can identity management be delivered as a service?

In this session, you’ll hear a federal government angle on how they chose their path of doing it and find out if "IdM as SaaS" is the wave of the future.

We’ve reached an inflection point where anonymity on the Internet is hindering our ability to move beyond basic browsing to higher-value collaboration. In this session Tim will explore what’s possible with validated, portable identities, including:

• DRM free entertainment
• Child safe social networking
• Medical drug trial research and collaboration
• Age-verified purchases

The Digital ID World Awards are given yearly to recognize those individuals or organizations that have made a significant contribution (technology, policy, business or deployment process, or social impact) to the digital identity industry. The Liberty Alliance IDentity Deployment award (IDDY) recognizes the best ID management deployments and the value they bring to businesses, governments, citizens, and consumers around the world. This year's award winners will receive their awards at this session.

Today, digital identity issues cross a wide spectrum, including both the social and business aspects of every day life. Lewis will put identity management in context, in terms of the broader enterprise IT strategies IdM enables, the larger social implications of digital identity, and the sociological and technological trends driving identity management systems. He'll discuss the evolution of enterprise Identity Management services in relation to overall enterprise IT architecture.

Compliance has been the number one driver in identity deployments for the last several years. While some analysts are (prematurely) calling the “compliance driver” over and done, most deployments are still struggling with achieving the level of automation that they require. In this session, you’ll hear success stories that have used identity to achieve compliance.

Hear from the Liberty Alliance IDDY award winners. This session will include case studies, and identity innovations.

Driven by the need to establish accurate and accountable access control processes in a industry with rapid personnel turnover, Safeway embarked on an Enterprise Role Management project within its Identity Management Program. In this session, Paul will shared his lessons learned in building a business case, a delivery framework, process automations, and a Role Governance Committee for Enterprise Role Management as well as practical experiences in implementing a Role Management System.

Identity management technologies go far beyond tracking and classifying a corporation’s numerous users – they are also critical to track enterprise assets. Chuck Hurst, Vice President of Systems Development at Scripps Networks, will discuss his company’s innovative identity management deployment and how it leverages the technology to track and manage its countless media assets.

In today’s heavily regulated environment, financial services organizations are under the gun to implement strategic identity management (IDM) solutions that can help them meet critical compliance and risk management objectives while continuing to optimize business performance. This is no small task. The scale and reliability required of infrastructure systems like IDM is unprecedented. With more and more focus on internal and external oversight, existing security practices are facing intense scrutiny – now requiring CISOs to become both technology and legal experts.

In this session, Mike Ackerman, Executive Director and head of security solutions at Morgan Stanley, will discuss practical approaches for managing user access to critical applications and data, including processes for certifying user access, aligning access privileges with business roles, and enforcing access policies. Mike will share lessons learned and best practices developed by Morgan Stanley to improve efficiency, mitigate operational risks, and meet compliance obligations.

Machine identities are also essential elements of the identity infrastructure. Network access, data protection, and high value services have made it critical to not only authenticate the users, but also to have assurance that the platforms being used for access are known to the enterprise and through integrity metrics determine if the platform can be trusted. Example applications requiring the integration of machine identities and integrity metrics will be discussed at this open round table.

Historically, telecommunications identity and security models have centered on the notion that subscriber identity is "owned" by the carrier, but as the federated identity model from web-oriented business applications spreads, we're starting to see a clash between these models and classic telecom identity and security models. What can be done to extend each to support the notion of shared identity between the enterprise and carrier? How will this affect both the enterprise and the carrier? These and other burning questions will be addressed during the session.

The need for successful implementation of healthcare information technology (HIT) is paramount in a field where immediate, accurate information can radically impact patient outcomes, workflow effectiveness, and operational efficiency. As the industry evolves into a paperless environment, how can a healthcare facility overcome the challenge of secure information transport while still providing the transparency necessary to reduce risk for patients, physicians and other service providers?

During this presentation, Paul Contino, Vice President of Information Technology, Mount Sinai Medical Center, will discuss the innovative application of patient health card technology that is expected to enhance employee productivity, streamline overall business processes and improve the patient experience.

Online fraud related to e-commerce payments have been rising significantly year over year. This session will discuss how Information Cards can revolutionize how we do e-commerce payments over the web. We will explain how existing electronic payment schemes work and how Information Cards are a perfect fit for enhancing these existing schemes to be more secure and easy to use while increasing the privacy of consumers. Teaming up with Ping Identity we will also demonstrate a fully functional prototype of the system at work(See demo also in Ping Identity’s booth, #404).

The efficient and effective delivery of government services requires a highly connected workforce, involving thousands of public and private sector employees and professionals, and from many different organizations, each with their own IT infrastructures. The Province of BC has engaged public sector architects and Identity Management vendors in developing a claims based user-centric architecture for the authentication and authorization of the workforce and the public. The Province is now about to undertake pilots using managed Information Cards to allow collaboration and access between different organizations. In addition, the Province is adding managed Information Cards to its www.bceid.ca Identity Provider service to test the architecture when applied to citizen centered services delivery.

In this presentation you will learn about the Identity Governance Framework (IGF), a standards-based initiative under development at the Liberty Alliance. IGF is concerned with secure and appropriate exchange of identity-related information between services (or applications) and producers (data custodians, attribute authorities) of identity data. The goal of IGF is to assist enterprises and other custodians of identity data with with increased transparency and demonstrable compliance with respect to policies for identity data.

By enabling single sign-on for mobile and broadband customers, identity federation promises to significantly reduce the friction associated with aggregated service offerings to both mobile and internet users. Several telcom providers are today forging the way with significant identity infrastructure investments to enable these differentiating services and lay the foundation for a more seamless customer experience, more targeted advertising and smarter application services through their identity-aware networks. Understand what's coming and how you can align yourself to these emerging trends.

Service Oriented Architecture is the architecture of the present. And identity plays a special role in that architecture, especially in light of managing the access to mission critical, composable processes. Hear from implementers like Network Appliance, as they walk you through the hurdles and success of their identity-based SOA initiatives.

Consider this scenario: An assistant treasurer of a multi-national firm in Asia, who is an authorized signer on 100 DDA accounts across ten banks, moves to a new job at corporate headquarters. His role, as an authorized signatory, needs to be transitioned to his successor. This changeover involves contacting each bank, obtaining the appropriate forms, appending resolutions and sending the completed forms back to all the banks.

Now, consider an alternate scenario whereby a user logs on to a bank account management system where all the firm's bank accounts can be viewed. The user filters the accounts replacing the old signatory with the new one, and then uses a bank issued, digital credential to approve the transfer and provide the banks with the required authorized signature. The requested updates flow through the banking system and an acknowledgement is generated that the changes have been made.

Traditionally, open source technologies have been seen as a commoditizing factor. But some open source identity management technologies are getting deployed that are doing just the opposite – adding additional value.

Although 3G mobile devices leverage mostly open standards like SIP, many enterprises are discovering that the authentication mechanisms used by carriers make it challenging to link their own enterprise identity infrastructure to that used by the carrier. What's possible and practical today will be discussed, along with scenarios that would allow tighter linkage between enterprise and carrier identity in the future, and the kinds of business applications that would be enabled as a result.

It is increasingly understood that the notion of identity is at the heart of the security equation in every business application. Identity is now part of every aspect of the application design, development, deployment and management process. We therefore have to externalize identity into a standards-based service incorporated by every tier of a business application's environment.

This session will describe the birth and evolution of the "other" Identity-As-A-Service, and what is happening in the industry today to make it a reality.

Many identity-related security tools claim to "solve" your compliance issues. But are the proposed solutions really appropriate for the need, or are they solving problems that don't exist for everyone? This end-user case study will look at Identity and Access Management solutions from a compliance perspective. Compliance legislation, such as SOX, GLBA, and CA SB 1386, mandates audits of employee access to business applications.

This case study describes PMI's project to automate its compliance-related Identity Auditing for user access rights certification.

The United States Air Force relies on the ability to access information anywhere, anytime. Five years ago, applications across the Air Force stood up their own data stores. This process created orphaned and unmanageable accounts propagating “dirty data” throughout the service. The Air Force took initial steps to consolidate user identities using meta-directories but problems with replication, timeliness of data and high administrative costs plagued the program.

Today, through the considerable efforts of Air Force Directory Services, the Air Force has established a single authoritative view of identity data for enterprise applications. Using Radiant Logic’s Radiant One Virtual Directory, Booz Allen has implemented capabilities that consolidate over 800,000 Air Force identities, automate account creation and maintenance processes, and provide timely and relevant data to enterprise applications. Ryan Daly and Donald Henderson III, two members of Booz Allen’s Identity and Access Management team, will discuss the business and technology drivers that led the Air Force to explore virtualization as an alternative to meta-directories. They will also provide insight as to how Booz Allen designed the system to scale to the required level and how the virtual directory construct enables new capabilities to increase the efficiency of Air Force users/programs ultimately saving the service significant time and money.

Learn how Gap Inc. overcame challenges of increasing IT costs in the face of mounting regulatory compliance pressures across their mixed Linux, UNIX and Windows network, saving millions of dollars on identity management.

With a mixed network of Windows servers and 600 Linux and UNIX servers, Gap Inc. administrators had been managing local password files for authentication. This was an impractical solution with such a large number of systems. Gap looked for a solution that allowed a common directory service for all systems.

Gap Inc.'s final solution resulted in single user names and passwords for all systems, consistent security policy and improved PCI regulatory compliance.

People’s Bank, one of Connecticut’s largest financial institutions, is openly positioning for rapid growth. This strategy will gain the attention of industry regulators so processes and technologies had to be established to enable speed and efficiency during mergers while simultaneously demonstrating the controls that will be required for the much larger institution that People’s intends to become.

While many companies may not have addressed them yet, these problems are well understood and reasonable solutions exist. By example, People’s deployed roles based provisioning with fine grained entitlements for its branch managers in two months and demonstrated automated access compliance reviews, role lifecycle management, and password management. So what's next?

With the fundamentals now in place, the organization has turned its attention to three cross-cutting areas on the event horizon that all companies who want to manage risk without disabling the business will need to address Continuous Compliance, Enforcing Policy in Collaborative Environments, and A Business View of Entitlements.

These areas will require companies to adopt new operational paradigms and vendors to deliver new tools to instrument them. In this discussion, Tim will explore reasonable options; where to start “now”, what People’s Bank has already accomplished, and how to prepare for “what’s next”.

In this keynote presentation, Michael Barrett will review the identity landscape, starting with ancient history, move on through our more recent experiences and give a few predictions about where we may be going. Hint: "Those who ignore history are destined to repeat it..."

Along the way, he will also cover electronic crimes and their relationship to identity.