Transcript Slide 1
Managing Digital
Identities: Challenges
and Opportunities
IdM Panel at TrustBus 2007
Marco Casassa Mont
Hewlett-Packard Labs
© 2006 Hewlett-Packard Development Company, L.P.
The information contained herein is subject to change without notice
Overview
• Identity Management (IdM): A Very Complex & Active Area
Consolidation of “Classic” IdM in the Enterprise
New Trends Impacting on Identity and IdM
New IdM Initiatives
• Old and New Identity Management Issues
• Top Challenges and Opportunities
Identity Management: A Very Complex Area …
Whole New Set of
Initiatives in the
Identity Management
Space
Flow of
Identity
Information
Across
Boundaries …
Identity
Information
Stored all
Over the Places
(Devices, Service
Providers, Enterprises/Orgs,
Govs Sites, etc.)
3
20 July, 2015
Consolidation of Traditional
Identity Management in Enterprises
Users
Enterprises/
Orgs
Government
Old and New Threats
Identity Management:
Consolidation in the Enterprise …
Management Components
User
Mgmt
Fed. Mgmt
Privacy
Mgmt
Access
Control
Consumable Value Components
Single Sign-On Personalization
Self Service
Lifecycle Components
Provisioning
Longevity
Security Components
Authentication
Authorization
Auditing
Data Repository Components
Directories
4
20 July, 2015
Meta- Directories Virtual Directories Databases
New Trends Impacting Identity Management
- Web 2.0,
- Collaborative Networks,
- Content Generation &
Mash-up, …
- Mobility,
- New types
and range
of Personal
Devices
- New Services
- Convergence of
IP/Telco in
Next Generation
Networking
(NGN)
5
20 July, 2015
Users
Enterprises/
Orgs
Government
- Terrorism,
- New Global Threats,
- New Legislation, Laws, …
- Enterprise (Web) 2.0
- Convergence IP/Telco
Networks (NGN)
- Business-driven IT
Management
- Risk & Assurance
Management
- New Laws and
Legislation
-…
Identity Management:
A Whole New Set of Initiatives …
Enterprises/
Orgs
User-Centric IdM
(Identity 2.0)
Driven by Web 2.0 &
Federated IdM:
- OpenId
- InfoCard
- Sxip
- …
Device-based Identity
Mgmt:
- Liberty Alliance
Identity-Capable
Platforms (ICP)
- Next Generation
Trusted Computing
(TCG)
- Network-based
Identities
…
6
20 July, 2015
Users
Identity as a Service
Government
National Identity
IDs/Cards
(biometric IDs, etc.)
Privacy Laws,
Other Legislation
(US RealID, etc.)
Identity 2.0 &
Web 2.0 for
Enterprises:
- Content-aware
Access Control …
Business-driven IT
Management and
Implications for IdM:
- ITIL, Cobit, BS7799, …
- Federated Identity
Assurance
Identity Governance
& Compliance to Laws
- Role Mining
in Complex Orgs/M&As, …
Identity Management: Old and New Issues …
- Privacy:
(pseudo-)anonymity
vs. need to disclose
- New Potential Risks
introduced by Identity 2.0
(e.g. Identity Phishing …)
- Identity Thefts and Frauds
- Lack of (Digital) Education
- Lack of User Control on Data
- Lack of Assurance and Trust
7
20 July, 2015
Users
Enterprises/
Orgs
- Too much reliance
on Human-based Processes:
Government
Lack of Automation
of Privacy Management
and Compliance
Management. …
- Lack of IdM + Privacy Standards
- Little control given to
users over data
- Lack of Control, Assurance
and Accountability in
Outsourced Environments
-…
- New Potential Privacy Threats for Citizens
- Cross-Organisations Data Correlations
-…
IdM: Challenges and Opportunities (Next 5 Years)
Top Challenges
1. Improve Users’ Control on Their Personal Data (within Devices and Orgs)
2. Enterprise Privacy Management: Automation of Privacy Management and Regulatory
Compliance in Enterprises
3. Alignment of Enterprise IdM Practices and Solutions to Business-driven IT
Management (ITIL, etc.): Identity Governance, Risk and Assurance Mgmt
4. Secure, Privacy-aware and Trustworthy Federated IdM/SSO
5. Interoperability between various Federated IdM/SSO initiatives
6. Standards to enable Data Exchange between Enterprises/Orgs driven by
and Privacy Policies and Users’ Preferences
•
Exploitation of Web 2.0 + Identity 2.0 in Enterprises/Organisations …
Top Opportunities
1. Improve overall Enterprise IdM Practice and User Experience/Control …
2. New Research & Development Opportunities in the
Identity Management Area both at the User and Enterprise sides
3. New Business Opportunities in the Identity Management space
in terms of IdM Services, Solutions, Products, …
8
20 July, 2015
Security