How can IAM be helpful in managing network intrusion and access? A researcher wants to show a national grid-enabled resource to her class, but can't access it because she's in a classroom and, by policy, unable to get through the firewall. She then clicks on her research icon, authenticates and, because of her researcher status, accesses the research van that is enabled to use the appropriate ports. Can coupling network capabilities and IAM replace the use of IP addresses as the criterion for access with identity, roles, and related attributes? Focusing in on wireless access specifically, can IAM can help correlate identity to an endpoint device by combining network registration and personal identification? This session will explore these questions and how one can identify the person behind the device or address.