Saturday, March 21, 2009

Identity Management

Identity management (ID management) is a broad administrative area that deals with identifying individuals in a system (such as a country, a network, or an enterprise) and controlling their access to resources within that system by associating user rights and restrictions with the established identity. The driver licensing system is a simple example of identity management: drivers are identified by their license numbers and user specifications (such as "can not drive after dark") are linked to the identifying number.
In an IT network, identity management software is used to automate administrative tasks, such as resetting user passwords. Enabling users to reset their own passwords can save significant money and resources, since a large percentage of help desk calls are password-related. Password synchronization (p-synch) enables a user to access resources across systems with a single password; a more advanced version called single signon enables synchronization across applications as well as systems
In an enterprise setting, identity management is used to increase security and productivity, while decreasing cost and redundant effort. Standards such as Extensible Name Service (XNS) are being developed to enable identity management both within the enterprise and beyond.
In a wider context, industry groups such as the World Wide Web Consortium (W3C) and The Open Group are developing standards that would enable global identity management, in which each individual would be uniquely identified, and all applicable data would be linked to that identity. A position paper on the W3C Web site, Requirements for a Global Identity Management Service, maintains that establishing global identity management is crucial for the development of the Web and Web services. The W3C position paper stipulates, among other things, that such a system that must be universally portable and interoperable; that it must support unlimited identity-related attributes; that it must provide adequate mechanisms for privacy and accountability; and that it must be overseen by an independent governing authority.