What is global identity management?
April 21st, 2002 by jiri
When talking with my colleagues on Thursday, I tried to explain what Liberty Alliance, and in fact the whole identity management, is all about. I managed to do that but it made me thinking about ways to explain this more throoughly and in simple terms. Eventually, I have arrived to the explanation, which might still need some polishing, but which is decent enough to be published here:
Global identity management is a nickname for an infrastructure that would enable communicating authentication, authorisation and personal preference information across multiple systems and organisations. Currently, such details are managed at various places by means of various, mutually incompatible technologies. Communication of the identity details between them requires bespoke development and often insecure workarounds. Large software vendors are working on developing consistent and universal way to communicate identity details because they need it for the vision of pervasive computing (anytime, anyplace, anywhere) to become true. Large identity managers (such as banks or airlines) are working on this because for them pervasive computing means pervasive commerce.
The concept, reflected in frameworks developed by Microsoft with IBM or Liberty Alliance, is evolving very quickly and although the relationships of the parties involved has been far from ideal, it seems to be gravitating towards a single set of open standards.
These standards should support creation of infrastructure enabling easy sharing of the identity data as neccessary, respecting privacy of personal details and established trust releations between the subjects involved.
Future versions of user and access management software included in business applications and platforms will likely support this standards natively; legacy technologies will have to use identity-translating wrapper modules. Identity infrastructures owned by corporations will likely be accompanied by commercial or community-based public identity services similar to the one provided by certificate service providers or Passport authentication service nowadays.