Related to my post on business context security yesterday is this excellent whitepaper from PirceWaterhouse and Gartner on identity management. They list the following components to an IM solution:
- Enterprise information architecture
- Permission and policy management
- Enterprise directory services
- User authentication
- User provisioning and workflow
I'd add a hearty amen. You can't manage the security of your enterprise in a business context without an enterprise architecture, good policies, global namespaces, the ability to authenticate users systematically, and a good way to manage account provisioning and deprovisioning.