2010-06-30

the identity

Summarizing the work done before, I try to identify the fundamental objects that are involved in IAM processes and the derived objects that describe the relationships between these fundamental objects.

When we talk about identity management topics, not surprisingly, the term identity pops up. It therefore seems to be a good idea to start with it. What is identity, after all?
  • In philosophy Identity is the sameness of two things.
  • In object-oriented programming Identity is a property of objects that allows the objects to be distinguished from each other.
But in Identity Management …
  • “We usually speak of identity in the singular, but in fact subjects have multiple identities.”
  • “These multiple identities or personas, as they are sometimes called, …”.
The sum of all these personas makes up the identity.
In turn, each persona is to be understood as the projection of the identity onto the space of information demand in a specific context. The digital representation of this persona is what we call a digital identity.

The fundamental concept of identity management is hence the digital identity. In this context, digital identity is defined as a minimal set of information (attributes) necessary to unambiguously identify an individual or a technical object. By this definition, the digital identity is the “less rich” sibling of the (real) identity.

This simple definition has some importance when it comes to data protection: the identity must not disclose more information about the individual than necessary for its identification. This minimal disclosure principle is hence rooted deeply in the very definition of the digital identity. Consequently it should apply to ID-cards (ID on a card) as well.
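The definition above can be made concrete as a search for the smallest attribute set that is unique across a population, followed by a check of what an ID card discloses beyond it. This is an added example, not part of the original post; the attribute names, sample records and brute-force search are assumptions chosen for illustration.

```python
from itertools import combinations

# Constructed sample population: everything the organization knows per person.
PEOPLE = [
    {"employee_no": "E100", "name": "Ana Ruiz", "birth_date": "1980-02-11",
     "dept": "Finance", "blood_type": "A+"},
    {"employee_no": "E101", "name": "Ana Ruiz", "birth_date": "1975-07-30",
     "dept": "IT", "blood_type": "0-"},
    {"employee_no": "E102", "name": "Ben Ode", "birth_date": "1980-02-11",
     "dept": "IT", "blood_type": "B+"},
    {"employee_no": "E103", "name": "Cy Lam", "birth_date": "1990-01-05",
     "dept": "Finance", "blood_type": "A+"},
]

def minimal_identifier(records, candidates):
    """Return the first smallest tuple of attributes (in candidate order)
    whose combined values are unique for every record, or None."""
    for size in range(1, len(candidates) + 1):
        for attrs in combinations(candidates, size):
            values = {tuple(r[a] for a in attrs) for r in records}
            if len(values) == len(records):  # no two records collide
                return attrs
    return None

def digital_identity(record, attrs):
    """Project a full record onto the identifying attributes only."""
    return {a: record[a] for a in attrs}

def excess_disclosure(disclosed, minimal):
    """Attributes a card or token reveals beyond what identification needs."""
    return sorted(set(disclosed) - set(minimal))

if __name__ == "__main__":
    # Context 1: an issued number exists, so one attribute is enough.
    internal = minimal_identifier(PEOPLE, ("employee_no", "name", "birth_date"))
    # Context 2: no number issued yet; name alone is ambiguous (two Ana Ruiz).
    external = minimal_identifier(PEOPLE, ("name", "birth_date", "dept"))
    print(internal, external)
    print(digital_identity(PEOPLE[0], external))
    # A card printing these fields discloses more than identification requires.
    card = ("employee_no", "name", "birth_date", "dept", "blood_type")
    print(excess_disclosure(card, internal))
```

The same person thus gets a different digital identity per context, and any attribute reported by `excess_disclosure` is a candidate for removal from the card or token.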

The digital identity’s lifetime is determined by the period during which the individual is of importance to the organization. So, when an individual interacts with the enterprise ecosystem for the first time, its digital identity is created, regardless of whether it is a "user" of the enterprise's resources or not. Being a user already indicates a specific relationship: the usage of resources. The digital identity’s life ends when it is no longer of interest to the organization – or when an official regulation demands a termination.
