2. THEMES
How we got to where we are today … and
where might we want to get to
Where identity providers clash
Architecture for the perfect IdM solution
A look at Entitlement and Risk
IdM is Strategic Infrastructure
3. THE ISSUES SO FAR
IdM systems are becoming more complex as
they become more essential in making
connectivity more transparent for the user
Federated access goes a long way to solve
the problem but it doesn’t cope well with the
individual and their own identity
Solutions are based on pushing credentials
to systems … just in case they’re needed; so
the information has to be there … just in
case
4. SOME NEW ISSUES
Multitude of identity providers from
non-traditional sources – Google, Facebook,
Salesforce – all extending into the enterprise
through cloud computing as well as
in-the-cloud IdPs such as Symplified
Emergence of self-assertion – OpenID; users
holding their own identities
The future can never be the same
5. PHEW! THAT’S CHALLENGING!
Yes it is; but it’s the way things are heading
because
Increasingly users will put more value on their
personally provisioned identities than the ones
provided for them by the enterprise
The move to the cloud and SaaS makes the
interworking with other IdPs more certain
A model based upon pushing identity will ultimately
fail because of its complexity and administrative
challenge
Let’s look at risk to finish off with then …
6. REFERENCES
The Emerging Architecture of Identity
Management (Burton Group, Apr. 2010)
Building an Entitlement Catalog: A critical
success factor of Identity Management
(Burton Group, Aug. 2010)
So … in conclusion (and addressing the
present, not the future)
7. “WHO OWNS IDENTITY MANAGEMENT?”
Role, context & personalisation: something
you can only do in PARTNERSHIP
It’s an institutional issue; can only be
resolved (owned) at an institutional level
Identity management is strategic and cannot
be aligned to any one application … however
important it might be perceived to be!
An entitlement catalogue is as essential for
granular identity management as identifying
those authorised to access entitlements
8. THE CASE FOR FEDERATION
Collaborating and co-operating institutions –
research, joint projects
Open Educational Resources – but how
open do you want it?
Shared Services – enabling distributed
services
Mergers – federating directories
9. SOME FINAL THOUGHTS
Is it time for some joined-up thinking in this
space?
Content-centric - aggregated
data/mashups look to be the future –
Access & Identity Management has to be
able to enable this
How integrated is our thinking between
physical (network) security, identity
management and information security?
Governance, Regulation … and Charging –
are we ready?
10. … AND SOME REALLY FINAL THOUGHTS!
Mobile “me”, eduroam – are we focused on
PERSONAL computing?
What is the place of the organisation in an
identity space which crosses Federation
boundaries?
Federated Identity & Personal Identity – who
are the IdPs of the future?
My conclusion: We need to bring
ID/Access/Information Security Management
much closer together