Focusing on identity management rather than traditional perimeter-based security can assist digital transformation projects and help create better relationships with customers, ForgeRock vice president of product marketing John Barco told iTWire.
This approach recognises that there is a growing need to identify users, who may be customers, partners or citizens and not just employees, so that they can be given access to the appropriate resources.
Getting a handle on identity also allows organisations to gain a single view of their customers. Barco gave the example of an insurance company that used the platform to link its various product silos (car, life, home, etc) in order to run selective marketing campaigns and to offer discounts when customers hold multiple products.
Unlike other identity products, the ForgeRock Identity Platform is able to watch an entire session (as well as the user's session history) and require more rigorous authentication when appropriate, such as when an employee is connected via an external network, or when a customer unexpectedly appears to be located in a foreign country. Instead of just relying on credentials that can be stolen, it can base authorisation decisions on where users are and what they are doing.
"Nobody else in the identity management space can do this today," he said.
The new version of the ForgeRock Identity Platform was also designed to manage the identity and provide authorisation for 'things.'
One problem in this area is that "there's not a single set [of standards] that everyone's conforming with," Barco said, so ForgeRock has built in a gateway to convert various protocols including M2TP into messages that the Platform can handle.
"We have to have a lot of flexibility, we can't enforce the standards," he said.
Toyota Europe already uses the Platform to automatically download content such as maps and music to cars in accordance with the owner's preferences.
The third main development in this version of the ForgeRock Identity Platform is support for UMA (User-Managed Access). The company claims this is the first complete implementation of UMA in an identity management platform.
UMA was developed over several years, and version 1.0 was adopted in 2015.
The idea of UMA is to provide users with a standardised way of granting access to data to authorised parties, and to monitor such access.
The need for such control is accelerating in the light of the variety and quantity of personal information being collected by smart devices of various kinds.
"We really expect pretty fast adoption" of UMA by the industry, Barco told iTWire, in part because legislation - particularly in Europe - is forcing organisations into providing such controls.
One example given by the company is that someone might choose to provide their heart rate data on an ongoing basis to their regular doctor, but give another practitioner access to the data only for a specific period.
But "it's not just healthcare, it's across every industry," he said, and it applies to employees as well as customers.
ForgeRock vice president of innovation and emerging technology (and founder and chair of the UMA Work Group) Eve Maler said "Organisations looking to design personalised digital services that also respect an individual's right to control access to their data will find that the ForgeRock Identity Platform offers a new set of tools making this possible.
"Further, by designing services that offer this transparency and respect, organisations are also better able to address the implications of the emerging regulatory landscape."