Beyond a Shadow of a Doubt: The Politics of Identity Management
I am at the Austrian/German/Mexican/US CIO Exchange in Washington DC. Today we are at the CSC world headquarter in Falls Church. We are discussing identity management. CSC set it up with the song â€œbeyond a shadow of the doubtâ€ and 9/11. Identity management as a security challenge. Is this how you would frame it?
Identity management is a core function of any collectivity, therefore, we think about it in different terms in different disciplines (political theory, public policy, business, psychology, etc.). And as we are moving to network society, we need to ask fundamental questions about it.
On the most abstract level, identity management is a set of technologies and process that manage the life-cycle of users, authenticate them and authorize access to resources. It is a relative concept, meaning that identity management should be in proportion to the needs, so ask questions like: What resources are your protecting? What policies govern the resources? How do you translate policy into user attributes? How do you assure compliance? Is the solution standards-based? Is it inter-operable? The CSC approach is to (a) create a vision, strategy, and roadmap, (b) develop identity manager, access manager, and federation manager (an approach that enables the users of one organization to easily and securely access the data and applications of another).
This very important aspect of collective life is at the moment driven by the solutions that vendors can provide (vendor-driven theorizing). We as the netizens/digital natives of this world need to learn to participate in this discourse and start playing the politics of identity management. What are your major concerns concerning identity management in network society?