SAN FRANCISCO - Network executives say they understand the benefits of building infrastructure to centralize the management of users and access privileges but worry it will be a slow and painful process, especially when it comes to including business partners.

Identity and access management were the main topics at last week's Burton Group conference, which was a hotbed of activity among vendors eager to show their support for emerging standards such as the Security Assertion Markup Language (SAML) (see www.nwfusion.com, DocFinder: 1344).

Network executives at the annual conference said having a standardized identity and access management infrastructure promises many rewards. These include better overall security; fewer user accounts to manage; better control over who is on a network and what they are doing; centralized management of account creation and deletion; and ultimately the ability to work, or federate,with similar infrastructures on partner networks.

They said having such an infrastructure it is key if electronic commerce and Web services are ever to scale. And in fact, Webbased and newly developed applications plug fairly easily into such an infrastructure.

The problem is that most large companies have islands of authentication and authorization services spread across their networks and built into each application. In order to take advantage of a new identity management infrastructure, they would have to rebuild those applications to recognize and defer security to the centralized system.

"So far we...