|
Friday, May 25, 2007
For an end-user Identity management is about keeping his identity safe online. And as the nature of online frauds is shifting from technical to social in nature, it becomes more and more important for a person who has a decent net presence, to manage his ID properly.
We take a very live example of why ID management is necessary for an end user. Let's assume that Mr. Bean Patrick, the chairman of Olive Inc. has created an account on Yahoo and has added his photos and relevant details to that profile. Now one fine day he goes to orkut.com and does a random search for his name. He finds that a profile with his photo, name and vital details, already exists on orkut, but it hosts a lot of pornographic content and obscene language.
How did this happen needs no explanation. But think about the consequences. Not only is that becoming unpopular, but his reputation could also be at stake in the place he works. This is one of the reasons even ordinary users need to be aware of identity management.
If we shift focus towards enterprises, then identity management there is a completely different ballgame there. There are identity management solutions meant for enterprises as well, but implementing them is no bed of roses. For enterprises ID management is about managing three things: User provisioning; Single Sign On and User Access Control. And if any of the above three fails, ID management can't work for an enterprise. In the pages to follow, we will look at various technologies and standards available in identity management, how to protect your personal identity, and we'll even look at some deployment scenarios for enterprises.
Identity2.0
In real life you can prove your identity by showing your license, PAN card and other authentic government documents. But how do you prove your identity online? When you provide your details online by filling up an online form, the website has very few ways to determine whether your credentials are correct or not. Identity 2.0 claims to provide identity verification on the World Wide Web using OpenID standards. In identity 2.0, a user controls his identity, also known as user a centric model.
The term identity 2.0 was made popular by sxip.com, who have also developed some tools related to identity 2.0. Microsoft is also in this space with Windows Cardspace, also known as infocard, that we have talked about later in the article. Another popular Identity2.0 model is OpenID. Then there are IBM and Novell supporting an open source project called Higgins managed by Eclipse Foundation. Higgins will provide an easy way through which many identity management systems will be able to interact. All of these together and some other players are supposed to make identiy2.0 happen. Right now there are not too many websites supporting identiy2.0. For instance, not even Microsoft is supporting infocard yet, for eg MSN. Lets start with OpenID first.
 |
OpenID
OpenID is a decentralized URL based identity management system in which every user is identified by a URL just like websites. In openID architecture, once you have acquired an OpenID from any of the OpenID identity provider, this openID will be your username when you go to an OpenID enabled website. The OpenID enabled website will send you back to your openID provider where you will have to authenticate yourself. Once authenticated, the provider will send you back to the website with the information required for logging in. This is a like a single sign on over Internet and saves you the hassles of registering with so many websites and remembering all those passwords and other information. In the OpenID framework, users can control what part of their identity is shared by the identity providers like their name, phone number, e-mail etc.
|
