Consolidation in the provisioning part of the Identity space continues as HP buys TruLogica. It's taken two years, but identity is at last being understood by customers at least in this incremental way and the big vendors have heard the message. IBM acquired Access 360, Sun acquired Waveset, Netegrity acquired Business Layers, now HP acquires TruLogica. That leaves open the question of where's Oracle and Microsoft?

"Identity and entitlement provisioning and management over the lifecycle of a business relationship is critical to effective management of service delivery, achieving regulatory compliance, and enabling new business opportunities without compromising security," said Phil Schacter, vice president and director, Burton Group. "Increasingly enterprise customers are looking for integrated identity management solutions from their major management and platform technology partners."

Remember though, that this type of consolidation wave always trails innovation, and this is the beginning, not the end, of the realization of the centrality of identity in networked computing. Most of the opportunity still lies ahead.

As per usual, the mainstream media is enjoying associating identity technologies with "Big Brother." This Newsweek article talks about biometrics and terrorism:

Although Daugman is convinced that the iris scan is the best biometric technology there is, he doesn't put much stock in it as a security measure. Biometrics, he reckons, has been overhyped. It's not that Iridian Technologies has made false claims. It's true that an iris scan can match a person to a single entry in a vast database with no ambiguity, and it can do so quickly and efficiently, without causing lines at the airport or the border crossing. Daugman's problem is not with the technology but with the expectations people have of it. He disputes the premise that the way to combat terrorism is to amass great quantities of data on individual citizens. "To confuse identification with antiterrorism is flawed reasoning," he says. "It is an illusion to think [iris scans] could prevent terrorism. A suicide bomber is not going to be enrolled on the database."

Here's more -- much much more on Microsoft's "Caller ID for Email" specification.

Time to verify some senders of email, my friends.

This Computerworld article outlines to initiatives at Earthlink:

Internet service provider EarthLink Inc. will soon begin testing new e-mail security technology, including Microsoft Corp.'s recently released Caller ID technology, a company executive said.

EarthLink will be experimenting "very soon" with sender-authentication technology, including Caller ID and a similar plan called Sender Policy Framework (SPF), said Robert Sanders, chief architect at EarthLink. The Atlanta-based Internet service provider will also evaluate other e-mail security proposals, but it isn't backing any specific technology, he said.

Robert Scoble shares the key quote from a recent Charlie Rose interview with Bill Gates...says Gates:

"Absolutely the Longhorn schedule has taken a back seat to our top priority ... Trustworthy computing (security)."

Amen, Mr. Gates.

A Tampa Bay school system is considering a 2million dollar implementation of a system that would require a biometric for a child to get on a bus -- keeping track of children on the right bus at the right time, etc....Find more here....and quoting:

The Pinellas school system is ready to approve a new technology that uses student fingerprints to keep track of who is riding school buses.

Beginning in the fall, the fingerprint system would identify students as they board and leave. The goal is to ensure they are getting on the right bus and getting off at the right stop.

School officials say the $2-million project will save money and dramatically improve safety for students, whose fingerprints will serve as authorization to board and disembark.

An article from eWeek highlights the SMTP Authentication issue -- as highlighted by Microsoft's "Caller ID for Email" announcement las week. The article begins:

Probably the single biggest news out of last week's RSA conference was Microsoft's announcement of its Caller ID for E-Mail standard. Caller ID may be the third of the three major proposals that have been announced, but now that Microsoft has put its cards on the table, a great experiment will begin. Over the next year or so, the big players in e-mail—ISPs, software vendors, major corporate users and the government—will see which of them works best.

The three major proposals are SPF, Caller ID and Yahoo's Domain Keys. SPF is actually up and running, with (as of Feb. 27) 7,957 domains registered as implementing it (although a large number of those appear to be parked, inactive domains). Caller ID is starting to roll out as Microsoft sets up the Hotmail servers to support it for outbound mail. Hotmail will begin checking inbound mail for Caller ID this summer, while other major companies, including Amazon.com and Brightmail, have agreed to test it too. Domain Keys, to be honest, hasn't even been officially announced, although Yahoo has conducted private briefings all over the place and Sendmail, the famous mail server company, has announced it is working on support for it.