#1 Did you know that burried queen's speech there is proposed legislation that will mandate the payment of £200 before the Police will consider taking an innocent person of this data base? And what's worse, no independent review will take place, but the same lazy, corrupt, prejudiced cop that got you on there, will be asked to review if his original decision to arrest you and take your DNA was justified.

No prizes for guessing what the answer will be :-0

#2 Yes, it does mean that mobile devices cna be used for Information Cards. While I was at the OpenID summit, I gave a demonstration of the Cloud Selector to the summit leader on his iPhone to prove that you need no install and can use an Information Card to log into an RP via your phone.

Susan Morrow
Avoco Secure

#4 Hey, that was interesting,

Keep up the good work,

Thanks for writing, most people don't bother.

#1 Sounds great. Could this be the start of mobile use of ic's as well?

#6 We are now in September 2009 and eagerly awaiting the outcome of the Home Office consultation on the new proposed DNA retention guidelines for people arrested, but not convicted of any crime.

I do not have much confidence in this consultation excercise, if even after repeated submissions I can't even get a simple acknowledgement of receipt out of the the incompetents running this enquiry.

What is more worrying is that the quasi science they produce to back their flimsy case has been thorougly debunked by reputable statisticians. see http://www.straightstatistics.org/article/dna-database-innocent-or-guilty-whats-difference#comment-198

#11 Thanks for the post and useful comment

#3 Sorry for the double posting. All I did was hit the 'refresh button'

I wanted to add......

From the X.500 hype the dream of a'directory of the entire world' died a death but LDAP directories are a remaining legacy of which hundreds of thousands are deployed today performing a real service.

So my guess is Burtom will say Universal Description, Discovery and Integration (UDDI) as a platform-independent XML-based registry for businesses worldwide to list themselves on the Internet may be dead, but that does not mean that businesses with maybe trusted partners may build loosely coupled services in the cloud. It is just that they will be by invitation only and you need to buy the cook Book. Is that what you think?

#2 Here is a challenging view from the Burton Group:
SOA Is Dead; Long Live Services
Many service oriented architecture (SOA) initiatives have stalled or failed. And prospects for SOA look bleak in 2009. Most organizations have cut funding for their SOA initiatives. Except in rare situations, SOA has failed to deliver its promised benefits. It's time to face reality: the term "SOA" now carries too much baggage. It's time to declare that SOA is dead and move on to the more practical matter of bringing up its offspring. SOA's untimely demise is tragic, but, fortunately, many aspects of SOA live on-particularly in the form of services. Services provide the fundamental building blocks that enable software as a service (SaaS), cloud computing, and business process management (BPM). This Catalyst track will examine the myths and misconceptions that derailed SOA efforts, provide guidance for salvaging value, and supply actionable direction for future efforts.

See for yourself on :

http://www.catalyst.burtongroup.com/Na09/Track_SOAisDead.html?mtcCampaign=4756

#1 Here is a challenging view from the Burton Group:
SOA Is Dead; Long Live Services
Many service oriented architecture (SOA) initiatives have stalled or failed. And prospects for SOA look bleak in 2009. Most organizations have cut funding for their SOA initiatives. Except in rare situations, SOA has failed to deliver its promised benefits. It's time to face reality: the term "SOA" now carries too much baggage. It's time to declare that SOA is dead and move on to the more practical matter of bringing up its offspring. SOA's untimely demise is tragic, but, fortunately, many aspects of SOA live on-particularly in the form of services. Services provide the fundamental building blocks that enable software as a service (SaaS), cloud computing, and business process management (BPM). This Catalyst track will examine the myths and misconceptions that derailed SOA efforts, provide guidance for salvaging value, and supply actionable direction for future efforts.

See for yourself on :

http://www.catalyst.burtongroup.com/Na09/Track_SOAisDead.html?mtcCampaign=4756

#10 This is an update, a re-issue if you will of my earlier posting of
the subject. In this update You have tried to incorporate much of the feedback.

#5 GeneWatch comments:"This is a long time for innocent people to wait to have their records wiped", said Dr Helen Wallace, Director of GeneWatch UK. "DNA profiles can be used to track an individual or their relatives. Where are the weighty reasons that the European Court demanded to justify retention of this data?"

The Home Office cites many examples where DNA has been useful in investigating crimes, but these examples are mostly misleading because they do not rely on retaining DNA profiles from innocent people. The number of crimes detected using DNA has not increased despite the database more than doubling in size. With more than 5 million records, Britain's DNA database is by far the largest in Europe, yet Britain has one of the lowest conviction rates for rape. The DNA database is not used or needed to exonerate innocent people, who carry their DNA with them at all times More information is available on: http://www.genewatch.org/sub-539491

#4 Well on May 7th the UK government finally outlined new proposals for DNA database but Liberty’s Shami Chakrabarti quickly likened it to sticking up two fingers to the European Court of Human Rights. That covers my sentiments exactly. Read more about this here
http://www.bloglines.com/blog/Marcus-Lasance?id=43

#2 Your point is well made Kurt and it is good to bring the HP IAM exit into memory. Nevertheless was not just pleased with our successful financial exit when SAP acquired MaXware, but also proud our software would live on under a 'big brand' and our customers that stuck their neck out buying from a 'small company' were vindicated in the eyes of people in the corporate purchasing department who come up with the viability issue time and time again. Still on the on the other hand I also believe strongly what I said in my blog entry IAM RFI/RFPs a waste of time, which counters your argument somewhat. see http://www.bloglines.com/blog/Marcus-Lasance?id=19

#1 Oracle's positioning is talking about providing an integrated system from "application to disk" and also lauds the merits of having Solaris and Java at its disposal. But, nowhere do you hear anything about identity management. This is of no surprise as the acquisition was not motivated by a strategy of combining identity management solutions. However, if you're a Sun identity management customer, you have to be concerned due to the significant overlap between Oracle's and Sun's IAM product lines.

So, this got me thinking about the importance of the "new" vendor viability. As an independent player who is a wee bit smaller than some of the companies we compete with in the IAM market, Courion sees vendor viability thrown in our faces at times in competitive situations. Although we've demonstrated product innovation and leadership (according to Gartner and Burton Group among others) and are recognized for a strong track record of customer success at a fraction of the overall implementation and service costs, our competition (including Sun) would throw the viability FUD in there to try to wrestle deals away. Comments such as "They're too small"; "They're not going to be around much longer"; "We're going to crush them" have all been things we've heard in selling cycles for a long time.

Well, I believe the Oracle Sun acquisition highlights where the real viability concerns lie. Clearly the IAM business was not a consideration of Oracle when acquiring Sun. There is tremendous overlap between the product sets and one can only suspect that Oracle will be announcing an end of life plan for the Sun Identity Manager products before too long.

Consider other announcements over the last few years. HP acquires Trulogica as an entry into the identity management market only to announce a few years later that HP was getting out of the business. Similarly BMC announced it was dropping traditional identity management. After acquiring Netegrity, much of the original Business Layers identity management products have been "evolved" by CA under a completely different architecture. It sure appears to me that size has nothing to do with IAM vendor viability.

IAM is what Courion does. We can't afford to give away hardware, operating systems, databases, or anything else if the project goes bad. We must have customer success for each and every project as there is no other way for Courion to "make it up" to the customer. Clearly a company like Courion is not planning on getting out of the IAM business.

IAM is a strong and growing market, and is still a top priority in even the current economic climate. But, when vendors use their IAM business as a way to help pull other products and push infrastructure on customers, success is measured in more than pure IAM revenue. True vendor viability concerns should be focused on these larger organizations and prospective customers need to look carefully at the nature of their commitment and the viability of their overall business. The commitment these organizations have to IAM should be a major concern. Courion's focus for IAM is to solve real, critical business problems. Its purpose is not to sell other pieces of infrastructure. This is what we do and we like to think we're doing it pretty well. We're growing. We're profitable. We've got a customer base full of happy customers. That all sounds pretty viable to me.

#2 This is an important point. Even in Europe organisations are looking to FIPS 201 to provide interoperability. I understand that in the UK the National Policing Improvement Authority (NPIA) put FIPS 201 in the requirements pot. Presumably this would allow inter jurisdictional cooperation between the law enforcement agencies as well as interoperation between the 46 police forces in the UK. I think ActiveIdentity are one of the few smart card vendors that can meet this standard, which is why they are a logical partner for us.

#1 The concept of a shared service provider (SSP) is a big part of the movement toward interoperable strong identity credentials in the United States. The SSP approach is being used by Federal agencies, states in connection with First Responder Authentication Credential and other that understand the benefits of interoperability based on Federal Information Processing Standard 201, FIPS 201. There are some further details available on my blog at http://idmachines.blogspot.com as well as future posts as the market evolves.

#3 An indication of how and when the government will respond to the ECHR ruling can be gleaned from a written response by home office minister Waqui Smith to Andrew Dismore MP, Chair JCHR. In this letter she basically says that the first opportunity for a response will be in June. See http://www.parliament.uk/documents/upload/HRJ08-095Marper.pdf

#2 The Register is on the case.

Read an overview of the responses from different police forces around the country and what the expectations are to resolve this issue.

In the usual political wrangling by March 4th will probably be stretched to 'By the last possible day in March'

see http://www.theregister.co.uk/2009/03/02/dna_dbase_stalling/

#9 I have now updated this report with a version 2 with the above comments processed as much as possible and reasonable
The updated report can be obtained here....
http://www.bloglines.com/blog/Marcus-Lasance?id=33

#2 Kick,
I agree with your analysis of the reasons.

Still it is a shame!

My new role is that of Pricipal Consultant Identity Management at Verizon Business. Good luck with your Telco venture!