
The SCIM standards just grew up to become RFCs

Integrity and simplicity for both users and IT departments just took a huge step forward on the Internet. The SCIM specifications, System for Cross-Domain Identity Management, are now published by the Internet Engineering Task Force (IETF) as RFC7643 and RFC7644. At neXus we are super proud because we have played a key part in the specifications, all the way from version 1.0 through 1.1 and now 2.0.

SCIM makes identity life cycle management much easier by specifying and standardising how identity information such as users, groups and different types of things and devices is sent over the wire. Before RFC7643 and RFC7644 (Ooo it feels good to write that out loud!) identity information was scattered over the internet, leaving traces of identities at all the different service providers that a company has used. Identity Federation has helped companies adopt new services, and it has given users a smooth user experience, but it leaves those identity traces behind after the service is no longer used. Sometimes that is because the company moved on to the next big thing at a new service provider, and sometimes just because an employee quits. Now, with RFC7643 and RFC7644 in place, it's possible to automatically create, update and remove the identity information on the fly, making it possible to finally take back control of the private and valuable information.

These two specifications are very simple. The first one defines what a User, a Group and potentially things like a Toaster look like. They are all called Resources, and they are managed by the other specification, which defines how the Resources are sent over the wire.
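To make the clean-up scenario concrete, here is an added example (not neXus code): it reads a SCIM 2.0 list of User Resources and plans the requests that remove the traces of people who have left. The sample data, the `/scim/v2` base path, the function name and the two-step policy (deactivate first, delete once inactive) are assumptions made for illustration; the schema URNs and the PATCH/DELETE shapes are those defined in RFC7643 and RFC7644.

```python
import json

USER_SCHEMA = "urn:ietf:params:scim:schemas:core:2.0:User"
LIST_SCHEMA = "urn:ietf:params:scim:api:messages:2.0:ListResponse"
PATCH_SCHEMA = "urn:ietf:params:scim:api:messages:2.0:PatchOp"

# Constructed sample: the body a service provider could return for GET /Users.
LIST_RESPONSE = json.dumps({
    "schemas": [LIST_SCHEMA],
    "totalResults": 3,
    "Resources": [
        {"schemas": [USER_SCHEMA], "id": "a1", "userName": "alice@example.com", "active": True},
        {"schemas": [USER_SCHEMA], "id": "b2", "userName": "bob@example.com", "active": True},
        {"schemas": [USER_SCHEMA], "id": "c3", "userName": "carol@example.com", "active": False},
    ],
})

def plan_deprovisioning(list_response_json, current_staff, base="/scim/v2"):
    """Return (method, url, body) tuples for accounts with no matching staff member."""
    body = json.loads(list_response_json)
    if LIST_SCHEMA not in body.get("schemas", []):
        raise ValueError("not a SCIM ListResponse")
    # userName is case-insensitive in the core User schema, so compare lowercased.
    staff = {name.lower() for name in current_staff}
    plan = []
    for res in body.get("Resources", []):
        if USER_SCHEMA not in res.get("schemas", []):
            continue  # other Resource types (Groups, devices) are out of scope here
        if res["userName"].lower() in staff:
            continue  # still employed: leave the account alone
        url = f"{base}/Users/{res['id']}"
        if res.get("active", True):
            # Assumed policy, step 1: disable the orphaned account with a PatchOp.
            patch = {"schemas": [PATCH_SCHEMA],
                     "Operations": [{"op": "replace", "path": "active", "value": False}]}
            plan.append(("PATCH", url, patch))
        else:
            # Assumed policy, step 2: an already disabled orphan is removed.
            plan.append(("DELETE", url, None))
    return plan

if __name__ == "__main__":
    for method, url, payload in plan_deprovisioning(LIST_RESPONSE, ["Alice@example.com"]):
        print(method, url, json.dumps(payload) if payload else "")
```

Against a real service provider these requests would be sent with the `application/scim+json` media type and the provider's own authentication.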

We at neXus use SCIM internally to tie our platform together in a unified way. We also use it to handle the life cycle management of users in cloud systems like Salesforce, Cisco and others. Devices are also defined in our neXus Dynamic Identity Platform with the help of SCIM, making it easy to define new devices in the system, and it's also a good, compact and well-defined interface for constrained devices to communicate with.

During the development of the specifications we have had several interops to verify that SCIM really works in the wild. There is also a long list of implementations, and we actually just added two new ones yesterday, on the public-facing web site for SCIM, http://www.simplecloud.info/, that can be used as a starting point for developing SCIM support.

Read more about SCIM and the SCIM support in neXus Hybrid Access Gateway here:

Read about the Valuable and interoperable identity

Read about Identity Orchestration

You can also watch a couple of videos that describe SCIM:

 (Swedish only)
