Home > CA Community > Security Management

CA Community





This Blog
Syndication

Security Management

Insight and opinion on the world of security management. Visit often for commentary on security industry issues around identity and access management, data protection, advanced authentication, single sign-on and access management, cloud security and more.

Identity in the Cloud - a take from the TSCP Autumn Symposium and Expo

Published: October 17 2012, 10:10 PM
by Luke Forsyth

Earlier this month my company, CA Technologies, hosted the Transglobal Secure Collaboration Program (TSCP), Autumn Symposium and Expo in conjunction with the UK Ministry of Defense.

TSCP is a cooperative forum that works to establish and maintain an open standards-based framework to enable secure collaboration. Its members are the world's largest aerospace and defense manufacturers and systems integrators, along with major government departments and agencies.

As you can imagine, for these types of organisations, questions of managing supply chains in a way that protects sensitive information, is nothing less than absolutely critical.

I was fortunate enough to be able to share some of my thoughts with the group, and moderate an absolutely fascinating panel of experts from Boeing, CA Technologies and the Jericho Forum.

Our topic, "Identity in the Cloud," centered around 6 questions:

  1. We have IDP's (Identity Providers) now and can do federation; what do we get out of going to a cloud?
  2. Is Identity in the Cloud just moving IDP services to the cloud, or is it something else?
  3. Do the TSCP use cases represent your view of cloud identity?
  4. SCIM - What is it, why is it important, how does it fit in?
  5. We have spoken about what we hope to get out of Identity in the cloud, what do you think we will potentially lose from it?
  6. Is identity in the cloud about the management and security of identity, or is it a more existential change in the way we live?

One of the key points that emerged from our discussion is the notion that authentication, authorization and accountability must be outside of your control (this is #8 of Jericho Forum's Commandments), which speaks to the importance of an Identity in the Cloud service that enables constant and secure federation. The technology is already available that can revolutionize the secure management of supply chains and business administration. In particular, the revolution of social media and smart devices creates surprising new opportunities to realize new and innovative online capabilities.

I wish I could reproduce the discussion in its entirety for you. While I can't do that, I would love to hear your thoughts and perspectives.  So if you'd like to share some ideas on any of the above 6 questions, please reach out to me or leave a comment below.

Pictured left to right: Paul Simmonds, Jericho Forum; Steve Whitlock, Boeing; Phil Tidmarsh, CA Technologies; and Luke Forsyth, CA Technologies.

Share this post:  
Tags: , , , , , , , , ,
Leave a comment

 

By: Luke Forsyth
Luke Forsyth, VP, Security Services EMEA Luke joined CA Technologies in September 2010. Prior to CA Technologies Luke worked at McAfee, Accenture and began his career at Telstra. Luke is a Certified Information Systems Security Professional (CISSP) with more than fifteen years consulting experience,...
Read More..

1 person has left a comment:

Pingback from  Forsyth control | Byjudith

Posted by: Forsyth control | Byjudith | November 1, 2012 11:05 AM

Leave a Comment

* An asterisk indicates a required field

* :  

:

* :  

  Submit