Identity Management

Identity Management is a real problem facing many firms right now. Most still grapple with it from the perspective of enterprise security, but many are beginning to realize that the security perspective in isolation leads to suboptimal design of collaboration and of options for sharing and access. Enter network access policies and directory services. The space continues to grow. Top products are diversifying. Little guidance exists to understand this space and how to manage the tradeoffs inherent in the decisions. Whole sectors, such as Network Access Control, have so far failed to provide the overall foundations needed to enable enterprise systems (see this article for more).

Here's a good introductory article from Computerworld: Stepping Into Identity Management (November 20, 2006). Abstract:
Identity management projects may be complicated and costly, but successful rollouts are possible by taking small steps and limiting the scope to key applications. The result: cost savings and productivity gains.

Specific solutions and technologies are developing. I have been compiling lists of them and having a research assistant update this list. It is worth noting that the Federal government is also stepping into this space with its "RealID" efforts. Like previous efforts (see Garfinkel's Database Nation), these efforts are still forming and will face a lot of opposition (see this article for more). Meanwhile, Federal legislation mandating RealID compliance by States was passed as part of a response to the Pacific tsunami several years ago. These RealIDs are licenses that include machine-readable information such as name, birthday, and a picture. They are mandated by the Department of Homeland Security, and as of this May, non-compliance may cause you to be unable to get on a plane or use Federal services (see this article). It is as yet unclear how organizations will be able to access and use the information within RealIDs.

Here is an article on Apple's Open Directory. Solutions such as Open Directory allow open source access to the code so that participants can verify how it works and be assured of the resulting data quality. The lack of such access is a major impediment to adoption of so-called closed solutions. We see a variant of this same open-versus-closed source difference, in identity and authentication, as a problem with recent versions of voting machines. Some have been criticized for being closed and potentially hackable.

Identity management may also be provided by a third party as a service. This model has been in favor in various solutions for a while. Perhaps the best known of these technologies is the Kerberos key system, which employs an independent server to assure the identity of messages exchanged between computers. In the area of consumer identity assurance, we see some business-to-business exchange organizations entering the space too. The most notable is Covisint.