- 280 pages
- English
- ePUB (mobile friendly)
- Available on iOS & Android
eBook - ePub
About this book
For almost every organization in the future, both public and private sector, identity management presents both significant opportunities and risks. Successfully managed, it will allow everyone to access products and services that are tailored to their needs and their behaviours. But successful management implies that organizations will have overcome the significant obstacles of security, individual human rights and social concern that could cause the whole process to become mired. Digital Identity Management, based on the work of the annual Digital Identity Forum in London, provides a wide perspective on the subject and explores the current technology available for identity management, its applications within business, and its significance in wider debates about identity, society and the law. This is an essential introduction for organizations seeking to use identity to get closer to customers; for those in government at all levels wrestling with online delivery of targeted services; as well as those concerned with the wider issues of identity, rights, the law, and the potential risks.
Trusted byĀ 375,005 students
Access to over 1.5 million titles for a fair monthly price.
Study more efficiently using our study tools.
Information
SECTION 1
Introduction
This section sets out a basic vision for the management of digital identity and uses it to explain the structure of the book.
CHAPTER 1
The Identity Vision
IDENTITY MANAGEMENT COMPONENTS
When looking at the overlapping evolution of technology and business models, developing a realistic technology roadmap and combining it with fundamental business analysis is a necessary first step towards developing practical organizational strategies. However, we know (from experience and numerous case studies), that it is difficult to predict the future landscape from such a roadmap alone: vision is a necessity if we are to develop ideas as to who the future players in the identity and identity management landscape might be and how their businesses might work. Such is the case in the world of digital identity: the link, as we shall see, between the real and virtual identity domains. As Phil Becker has accurately noted on more than one occasion (for example, Becker 2004), we are in the middle of a genuine paradigm1 shift in this world.
This shift touches all of the component āstacksā (Windley 2004) of identity management (as shown in Figure 1.1) which makes it difficult to get an overall picture of the roadmap. When in the midst of a change of this magnitude and scope, it can be very difficult to see the new paradigm forming. Therefore, creating a consistent and useful shared vision is a more realistic immediate goal.
This book concentrates on one of the stacks set out in Figure 1.1. It is not intended to be a textbook on the basic standards on the left of the diagram (each of those requires a book of its own) but nor does it assume any detailed knowledge of those standards: it draws on what the standards do, rather than what they are. Neither is it intended to be an exploration of the impact of the identity management on the world as a whole on the right side of the diagram. The goals are more modest: to examine the functional components that take basic identity systems and turn them into identity management operations, and to highlight some of the implications of those operations for identity management schemes. In this sense, it is intended to be a primer for public and private sector managers tasked with ādoing something about identityā and helping those managers to begin developing organizational strategies by drawing on the shared vision that I hope will begin to emerge from the chapters, arranged as shown in Figure 1.2 on the next page.
Figure 1.1 A high-level view of ID management components
EXPLOITING TECHNOLOGY
We all need this shared vision to look well beyond the technology. In the identity field, many of the fundamental technologies are actually very well known and well understood, as will be made clear in Section 2, Identity Technologies. Therefore, it is possible to argue that the key technology tools needed to support the new paradigm can be discussed and their implications (together with experiences already gained in a number of sectors) set out with some degree of certainty. These key tools are:
ā¢Public key infrastructure, which provides a mechanism for binding cryptographic keys ā used to encrypt and to digitally sign messages ā to other attributes (such as age or place of birth or whatever) to form ākey certificatesā and for transporting those certificates around the Net. Thus, if a bank wants to send a message to a customer, it can look up the relevant certificate (somewhat like looking up a phone number in a directory) and use the key to send a message which only that specific customer can understand.
Figure 1.2 Chapter structure
ā¢Directories, which are needed to give access to identity and credentials. The management of large directories is not trivial but identity management systems are being implemented in large organizations ranging from corporations to the US Department of Defense, and useful lessons can be learned.
ā¢Smart cards, which provide a particularly convenient mechanism for binding identity to individuals ā with appropriate authentication ā so that when an identity is used, other people can be certain that its rightful owner is present. Thus, a person logging in to their tax authority could put a smart card into their PC and punch in their PIN and the tax authority would know that the person was present.
ā¢Biometrics, there are many different biometric checks ā ranging from iris scan and fingerprinting to body odour and face analyses. These are at varying degrees of maturity and appropriate for different uses, but it is reasonable to note that standardization is proceeding and tools emerging (Carter 2004). Biometrics, by themselves, can achieve little: they must form part of properly designed identity systems (Birch 2004) and this field is developing along with the tools. I expect the mass market use of biometrics as a PIN replacement or augmentation to occur in the relatively near future and lead to significant improvements in authentication, not necessarily in identification, where there are fewer problems (with, for example, privacy; Most 2004).
The general public are familiar with these technologies: in many countries shoppers are used to handing over a smart card and punching in a PIN to pay rather than signing pieces of paper as they do now: more than a 100 million āchip and PINā smart cards are in circulation in the UK. Public key infrastructure (PKI) is, unsurprisingly, less familiar to the general public although many of them use it all the time: to connect to secure shopping sites on the internet, for example (PKI is behind the little padlock symbol that tells browsers they are securely connected to a web server). The widespread interest in electronic identity documents, such as electronic passports and identity cards, means that biometrics are entering the mainstream. Common e-mail packages implement encryption and signing using certificates obtained from directories (although few people currently use them) and the degree of integration is improving.
The commoditization of these identity tools, as the standards mature and the technologies become more reliable and more cost-effective, will lead to experiments and innovations that will inevitably be disruptive. (As Clayton Christensen of Harvard Business School notes, disruption and commoditization are two sides of the same coin: companies find that either disruption takes their markets or commoditization takes their profits.) Spotting the disruptive innovations is probably the key to planning for the next phase of evolution in the identity markets.
Putting together a vision of the future use of these technologies, though, is not a straightforward process. This is because some fundamental issues must be tackled as a prerequisite: how should identity be managed; what kinds of identity are there; which organizations can exploit technological change; who will pay and who can benefit; and (perhaps most importantly) what exactly do we (that is, businesses, individuals and governments) actually mean by āidentityā?
BUILDING BUSINESS MODELS
The technologies are coming together, but the identity management business is searching for new models for both private and public sectors, for smalland large-scale applications, for cross- and multi-channel communications. There are two areas to be explored in formulating these models. These are, as always:
ā¢The technology roadmap. Section 2, Identity Technologies, will help managers to develop their technology roadmap but they should not confuse it with the business roadmap. Just because a company can issue an identity card doesnāt automatically mean that that card will be valued, and just because a consumer can use a certificate online doesnāt mean that the website theyāre trying to connect to will trust it.
ā¢The business vision. If we are at the beginning of a paradigm shift in identity management then it will be very difficult to project existing business models forward across the discontinuity. If this is the case, then we must use the technology roadmap in combination with our shared vision to see how identity tools can be exploited by both private and public sector organizations. Many different approaches, and the practical lessons learned from them, are discussed in Section 3, Identity in Business and Government, which contains both business models for creating and exploiting identity and a variety of case studies from around the world.
These chapters illustrate the wide range of those approaches being explored but also the wide range of requirements. The business functions labelled as ādigital identityā vary from single sign-on in some corporate environments to electronic border control at the international level, and from e-mail digital signatures to biometric access control. Therefore in Section 3 we also put forward a consistent model of digital identity and its relationships with real and virtual identity.
This model should help to compare and contrast the different approaches taken by different sectors and the different tactics chosen by different organizations. The finance sector, for example, has created the Identrus consortium and focused their efforts on governance, risk and contracts, whereas other sectors might prefer to use government-provided identities or federate identities across sectors.
I assume, as do others, that it is unlikely that a single universal business model and therefore a universal identity management scheme will emerge. In a decade or so, people will probably find themselves part of a small number of identity management schemes (much as most people have a small number of credit and debit cards); also, the vision emerging would tend to indicate that within this likely small number of schemes there will be multiple identities. How the schemes will work, and how multiple identities (for people, things and organizations) will be managed, is a fascinating topic.
In Section 4, Digital Identity in Context, we bring together a number of nontechnological factors to discuss how schemes might evolve and how the digital identity vision assembled in this book might help to inform other constituencies and provide real solutions to pressing problems, such as the design of national identity management systems, which is a genuine intellectual challenge as well as a priority in many countries.
THE EVOLUTION OF DIGITAL IDENTITY
The real world demands better identity management, yet to date there has been little progress in introducing the kind of sophisticated identity management discussed in this book: most people donāt si...
Table of contents
- Cover
- Half Title
- Title Page
- Copyright Page
- Table of Contents
- List of Figures
- List of Tables
- Foreword
- Section 1 Introduction
- Section 2 Identity Technologies
- Section 3: Identity in Business and Government
- Section 4: Digital Identity in Context
- Section 5: Where Next?
- Index
Frequently asked questions
Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription
No, books cannot be downloaded as external files, such as PDFs, for use outside of Perlego. However, you can download books within the Perlego app for offline reading on mobile or tablet. Learn how to download books offline
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1.5 million books across 990+ topics, weāve got you covered! Learn about our mission
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more about Read Aloud
Yes! You can use the Perlego app on both iOS and Android devices to read anytime, anywhere ā even offline. Perfect for commutes or when youāre on the go.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app
Yes, you can access Digital Identity Management by David Birch in PDF and/or ePUB format, as well as other popular books in Business & Business General. We have over 1.5 million books available in our catalogue for you to explore.