The future of SSO is coming upon us quickly. The adoption of standardized federation, identity and authorization schemas is lagging behind the adoption of Web 2.0, cloud-everything and mobile-diversity technologies and service demands. Both John Haggard and Gunnar Peterson spoke emphatically to the need for "real" security to catch up with the explosion of perimeter-less networks and SaaS/SOA/cloud services.
The thing is that developers are at least a decade ahead of the infosec people who continue to roll like it's 1995 with SSL and network firewalls. By itself this is already a problem, but it's made worse because attackers are a decade ahead as well.