Two identity management papers worth reading

* Strategies for Creating an Authoritative Store; Online Identity Theft: Changing the Game

The days are growing shorter and the nights longer as we head into fall. Less time for outdoor play, more time to sit inside and cozy up by the fire with a libation and something to read. I can't provide the tipple, but I can point out some deserving reading material. No pot-boilers, I'm afraid, but a couple of recent white papers that are both educational as well as thought provoking. Not a bad combination.

First up is “Strategies for Creating an Authoritative Store” from Matthew Pollicove at Secude Global Consulting. Secude is an SAP partner and the paper is a strategy briefing for SAP NetWeaver Identity Management (formerly MaXware) clients. The paper is summarized as:

“Creation of an Authoritative Store is a key component of an Identity Management Infrastructure. The Authoritative Store can be created using a number of different strategies. The determination of the best strategy is by a thorough analysis of sources, database resources, available data synchronization tools and the IAM tools in use by the organization.” In other words, it’s all about creating a centralized directory structure upon which to base your provisioning system. This is a good background, basic structure piece for any team that’s considering provisioning for their organization. The only surprise is that Pollicove, who came from MaXware, a leading virtual directory house, doesn’t actually mention the words “virtual directory,” though he does talk about metadirectories. Still, everything he writes is applicable to a standard virtual directory solution.

You’ll need to register for the paper, but it’s worth it. Follow the links from Matt’s blog entry to get to the latest version.

Also worth reading is a new paper from Microsoft’s Trustworthy Computing initiative about identity privacy and security on the Internet. I do wince a bit at the title “Online Identity Theft: Changing the Game” since the reality is that identities aren’t “stolen” they’re misused to commit identity fraud. But if you can overlook that obviously marketing-driven title, the paper is a very good presentation of information card technology – and not just Microsoft’s own CardSpace. As the summary puts it: “A new approach to securely managing online identity is essential - namely, a system that uses an interoperable, vendor-neutral framework and gives end users more direct control over their digital identity. One key component of this system is a new technology called an ‘Information Card,’ which enables the creation of very secure digital entities.”

“Interoperable” and “vendor neutral” are hardly terms we would have expected from Microsoft even five years ago, but a lot has changed in Redmond and there is growing awareness that not everyone uses a Microsoft platform but it is necessary for everyone to have access to key technologies. We can be proud that it is especially in our area – call it the “identity layer” the “identity sector” or the “identity niche” – that this enlightenment is breaking out. The paper even includes a three step “call to action”:

* Adopting advanced digital identities in government, enterprise and online service environments, along with better data governance processes.

* Creating a secure digital identification system that allows convenient online transactions, and also enables higher levels of security—based on real-world verified identities—when appropriate.

* Convening stakeholders to help generate broad support for “changing the game” on identity theft and taking steps to create business and consumer awareness and adoption of information cards, regardless of what computing system or technology they may use.

Download this important paper, read it, then act on it.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Must read: 10 new UI features coming to Windows 10