ID Management Gets Flexible

The steady growth of Web-based applications and the increased integration of systems among customers, partners, and suppliers are fueling demand for identity-management applications that help businesses cut the costs of ensuring that only the right people access certain apps.

Research firm IDC expects the identity-management market to grow from around $593 million last year to roughly $4 billion by 2007.

Last week, nearly a year after its acquisition of identity-management software maker Access360, IBM Tivoli unveiled a flurry of enhancements to its identity-management application lineup, including Identity Manager, Access Manager, Privacy Manager, Directory Integrator, and Directory Server.

"If you can start leveraging existing information that you have on users, it's easier to integrate identity management into the business unit," says Pete Lindstrom, research director at Spire Security. "With standard role-based access-management tools, you had to add users more manually. With these types of enhancements, it's now a more-flexible process [that uses] existing attributes about the user."

An enhancement that will help customers simplify identity management, analysts say, is Access Manager's new Dynamic Rules Engine, which culls information about users directly from existing data stores, such as human-resources files or the employee's departmental files. IBM's Tivoli Identity Manager version 4.5 also has improved the way it handles requests to change a user's privileges, such as after a promotion or a termination.

Courion Corp., another identity-management vendor, also has made improvements to help companies more effectively manage identities. The AccountCourier app, part of Courion Identity Management Suite 6.5, lets users delegate their access rights as long as they fall within the company's security policy. For example, an employee could delegate his or her application-access privileges to a co-worker or a manager while on vacation.