Blog
IAM Software Development
Identity and access management (IAM) is a critical component of modern software systems, ensuring that only authorized users have access to sensitive data and resources. In recent years, there has been an increasing focus on developing IAM solutions that are flexible, scalable, and secure, leveraging emerging technologies and development methodologies. This article provides an overview of current trends and best practices in IAM software development, with a focus on the use of programming languages such as Java, Ecmascript, Typescript, and Python, as well as XML handling and architectures such as microservices and Java application servers.
April 1, 2023
Knowledge Transfer Principles
Challenge Information Technology is a complex topic. Life itself is another complex topic. And living and breathing for Information Technology is even more complex. To survive in today’s multiplexed world, you need a good and solid understanding of the processes, opportunities and pitfalls surrounding you not only in the IT-Sector, but also when dealing with the ‘soft’ facts and skill (some call it OSI-Modell Layer 8).
April 1, 2023
Principles Of Decentralized Identity Management
I had the great honor to present on the ‘Blockchain ID Innovation Night’, which took place just before the European Identity & Cloud Conference in Munich. According to the ‚call for speakers‘ send out in February, the organizer (KuppingerCole) was not looking for ‘pitches’, but for a ‘slam-style event where you try to entertain and convince the crowd that the world will be a better place with your contribution‘ at the same time. Well, I think the world is a better place since I presented, at least for me.
April 1, 2023
Recognized Leader in IAM
WedaCon recognized as member of Top 10 Identity and Access Management Consulting/ Services Companies in Europe 2019 A strong and secure access management system has been one of the main pillars of a company’s security infrastructure ever since. ‘By offering the best technological services and with several success stories to their credit, these service providers are constantly proving their worth in the field of identity and access management services.’
April 1, 2023
Relational LDAP Services
Challenge Lightweight Directory Services are somewhat strict. They have a schema, which you have to follow. And they are read optimized, so perfect for access control and identity management. But they lack a function that is available on databases: they are not relational, which means you have to have all required attributes and information on one object you will query. Sure, you can do more than one query, but nearly all systems using LDAP require you to deliver all information they request in ONE call.
April 1, 2023
Relationship Notation Language
Within its paper on ‚Refining the Design principles of Identity Relationship Management‘, the Kantara Workgroup for Identity Relationship Management (IRM) defined the criteria a system should follow to enable representation and management of identity relationships. In the course of its exploration, two things have become apparent: The need for a type of ‚Relationship Manager‘ and a Relationship ‚Notation‘ Language. The document you are reading right now gives a first introduction and view on the topic of a ‚notation‘ language, and is one of the contributions from WedaCon to the mentioned workgroup. While concentrating on this, we will also see a few links and mentions of the functionality of a ‚relationship manager‘.
April 1, 2023
Security Levels based on SmartCard Login
Challenge How to protect sensitive data (HR, innovations, whatever) in a highly complex, worldwide acting company? The challenge here was to establish a completely secured environment for specific teams inside the enterprise, while allowing them to use the enterprise global IT Structure as much the same way as the rest of the participants do. Design The Design was based on a security levels, and to reach the highest access and security level, the individual seeking access to sensitive data had to use a smartcard to login (2-Factor Authentication). Once reaching this security level, the user was able to access the secured data, but was not able to write (store) information to any device that had a lower security level.
April 1, 2023
Semantic Entity Relations
It requires a consistent re-orientation and adjustment of current technologies and methods to meet the upcoming challenges of Identity Management. With this White Paper we would like to introduce the latest development of our Entity Relationship Management system. The system’s new feature consistently manages and displays all types of entities and their connections to each other based on semantic and ontological approaches. Introduction Identity and Access Management (IAM) and the ‘sister-discipline’ Identity Access Governance (IAG) are an integral part of the IT infrastructure in medium and large businesses. These systems manage internal user accounts for employees, system administrators and partners. Increasingly, access rights and accounts of customers and suppliers are considered in an IAM compliant view as well.
April 1, 2023
The Case for Knowledge
Information Technology is a complex topic. Life itself is another complex topic. And living and breathing for Information Technology is even more complex. To survive in today’s multiplexed world, you need a good and solid understanding of the processes, opportunities and pitfalls surrounding you not only in the IT-Sector, but also when dealing with the ‘soft’ facts and skills (some call it OSI-Modell Layer 8). The Case When we started our business, one of our main business area was ‘Training’. Nearly all of our staff were either ‘Microsoft Certified Trainer’ or ‘Novell Certified Instructor’ (it was May 2001), plus some other certifications in Project Management and Data Security to instruct others in the usage of decent technologies. Some had both of the top Instructor Certifications available those days. So we know how to transport knowledge, its even in our name: ‘Weda’ is sanskrit and simply means ‘Knowledge’.
April 1, 2023
Why HR 4.0 might not work for you
The magical version ‘4.0’ is something we stumble over in 2016 each and everywhere people talk about ‘disruptive’ technologies, changes and new approaches. Whether its HR 4.0, Industry 4.0 or Web 4.0, the basic goals do not differ much, which is the reason for us to use the term ‘Idea 4.0’ throughout this document for the matter of ease and readability. So what exactly does ‘Idea 4.0’ mean, and how did the previous visions and expectations for versions 2.0 and 3.0 look like? And even more important: Where do we stand now in the implementation of the previous versions, and does Idea 4.0 require a full or even partial implementation of versions 2.0 and 3.0 as a prerequisite ? Is there even a ‘Cross-Update’ path directly from 1.0 to 4.0?
April 1, 2023
YIAM© QuarterDeck StageSync
Cross Environment Sync Identity and Access Management (IAM) teams often face the daunting challenge of maintaining consistency and security across multiple development environments. Ensuring that IAM/ IAG artefacts are accurately synchronized between stages like DEV, Production, Quality, and Test is crucial yet complex. Manual processes can lead to errors and security gaps, while disparate tools and configurations add to the complexity. This necessitates a robust solution that can automate and streamline IAM synchronization, reducing risks and enhancing overall efficiency.
April 1, 2023
YIAMKiosk© Password Self Service
Reduce your HelpDesk Costs! Forgotten passwords and their recovery cause substantial costs for companies worldwide every day. Not only the IT department, which has to reset the passwords needs to be considered here, but also the amount of lost working time for employees. This is where WedaCon‘s YIAMKiosk® starts. As a portal providing self-service YIAMKiosk® clears the way for your users in a simple, yet safe way to reset their forgotten passwords on their own and without any intervention by the IT Department.
April 1, 2023
YIAMSuite©
Smart Identity Relationship Management Identity- and Access Management (IAM) Systems are part of IT Strategy in midsize and large businesses for many years now. While features of these systems previously focus on employees and partners, the ,Internet of Things‘, the new EU General Data Protection Regulation and digitization challenges in a new additional way: Disruption even here! Modern IAM systems must encounter these challenges with innovative concepts. Additionally to the administration of Identities, there is a new requirement to manage all those elements and ,Things‘ that might have a relation to the managed person.
April 1, 2023
YIAM Transliteration©
Identity Access Management and Governance, the management of digital entities and their lifecycle across different silos, requires standard communication channels to and from those silos and services. Many identity management tools and solutions do lack a standard communication channel, resulting in a bunch of proprietary or specialized interfaces and connectors, each with its specific requirements and limitations, and most often implemented as a monolith application which lacks scaling on an architectural level.
April 1, 2023
YIAMConnect©
Standardize your processes! ‘Privacy by Design‘ is just one of many demands on IT systems and processes each organization must meet in May 2018 at the latest, as the transitional period for the implementation of the EU General Data Protection Regulation (EU- GDPR) comes to an end. The 2-year period to implement the regulation requires companies and organizations to revise their processes for managing personal data and many other related processes and possibly adapt.
April 1, 2023
About Relationships
Identity Management is and always was ‘Relationship Management’ as well. Identities (=Users) do have relations, and those relations define the ‘inner’ meanings, roles and authorizations of them. In 2008, we at WedaCon started to consequently handle those ‘related’ objects with the same technologies, ideas and concepts as we do with the identities within our projects. Since then, we call it ‘Entity Management’. During the past years, we realized that those relations became the most powerful and usable part of the systems we designed and managed for our customers. Therefor, today we name it ‘Entity Relationship Management’.
April 1, 2023