InfoQ Homepage Identity Management Content on InfoQ
Articles
RSS Feed-
/articles/what-why-programmable-proxies/en/smallimage/logo-1652716879366.jpg)
The What and Why of Programmable Proxies
A question which gets often asked is “What is a programmable proxy, and why do I need one?” This article tries to answer this question from different perspectives. We will start with a brief definition of what a proxy is, then discuss how proxies evolved, explaining what needs they responded to and what benefits they offered at each stage. Finally, we discuss several aspects of programmability.
-
/articles/auth-layer-auth0-hasura/en/smallimage/logo-1629735628854.jpg)
Bootstrapping the Authentication Layer and Server with Auth0.js and Hasura
When you're trying to prototype an MVP for your app and want to start iterating quickly, the upfront cost of setting up authentication can be a massive roadblock. The authentication layer requires significant work, and you must always be on the lookout for security vulnerabilities.
-
/articles/access-management-reference-architecture/en/smallimage/logo-cloud-1618952496411.jpg)
A Reference Architecture for Fine-Grained Access Management on the Cloud
In this article, we will define a new reference architecture for cloud-native companies that are looking for a simplified access management solution for their cloud resources, from SSH hosts, databases, data warehouses, to message pipelines and cloud storage endpoints.
-
/articles/identity-management-cloud-security/en/smallimage/cloud-s-1597621295998.jpeg)
Identity Mismanagement: Why the #1 Cloud Security Problem Is about to Get Worse
In this article, we'll look at why IAM is becoming such a huge challenge, explain why identity is the new currency, and then reveal some principles that can help you meet this challenge.
-
/articles/book-review-cyber-warfare/en/smallimage/cyber-warfare-cunningham-small-1594037762917.jpg)
Q&A on the Book Cyber Warfare
The book Cyber Warfare by Dr. Chase Cunningham explores how organizations can defend themselves against cyber attacks. It provides examples of actual attacks together with defense techniques, tools, and strategies for cybersecurity.
-
/articles/gdpr-for-operations/en/smallimage/logo-gdpr-1520521590016.jpeg)
GDPR for Operations
With GDPR, taking care of personal data is an organisation-wide responsibility, but in the operations we can provide a lot of supporting tools to help deal with the multiple facets of this problem.
-
/articles/leadership/en/smallimage/logo-2.jpg)
Author Q&A on Leading without Authority
Tathagat Varma, shares his experience of working as an individual contributor at a deeper leadership level. He refers to this as an "Individual Leader". This post explains how to lead without authority.
-
/articles/hologram/en/smallimage/logo.jpg)
Hologram - Finally, AWS Key Distribution that Makes Sense
Faced with the lack of solutions for secure distribution of AWS access keys to developers, AdRoll decided to build their own open source Hologram, a system that brings Amazon's Instance Profile mechanism to developer workstations. Adair details the process, tool design and main features.
-
/articles/cloud-identity-real-representative/en/smallimage/logo.jpg)
Do we really need identity propagation in SOA and Clouds?
Identity Propagation through Single Sign-On(SSO) has been assumed to be a panacea for all identity issues in SOA and Clouds. In this article, Michael Poulin raises questions around the business feasibility of propagation and proposes a delegate model of representation instead.
-
/articles/scim-data-model-limitations/en/smallimage/logo.jpg)
Don't SCIM over your Data Model
This opinion piece discusses three specific suggestions for improving the SCIM data model: 1. Both the enterprise client and cloud provider should map their internal IDs to a shared External ID, which is the only ID exposed through the API. 2. Multi-valued attributes of a resource must be converted from an array into a dictionary with unique keys. 3. 3 ways to improve the PATCH command
-
/articles/ieee-the-future-of-authentication/en/smallimage/article-logo.jpg)
The Future of Authentication
In this IEEE roundtable discussion hosted by guest editors Richard Chow, Markus Jakobsson, and Jesus Molina, the panelists discuss current authentication approaches, how to authenticate users on mobile devices and the future direction of authentication.
-
/articles/architecting-cloud-scale-identity/en/smallimage/small image.jpg)
Architecting a Cloud-Scale Identity Fabric
In this IEEE article, author Eric Olden discusses an identity fabric that links multiple applications to a single identity to manage the volume of user identities that network administrators must secure and to enable a full-scale cloud adoption.