Your SlideShare is downloading. ×
Upcoming SlideShare
Loading in...5

Thanks for flagging this SlideShare!

Oops! An error has occurred.

Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply



Published on

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

No notes for slide


  • 1. Managing Digital Identities: Challenges and Opportunities IdM Panel at TrustBus 2007 Marco Casassa Mont Hewlett-Packard Labs
  • 2.
    • Overview
      • Identity Management (IdM): A Very Complex & Active Area
        • Consolidation of “Classic” IdM in the Enterprise
        • New Trends Impacting on Identity and IdM
        • New IdM Initiatives
      • Old and New Identity Management Issues
      • Top Challenges and Opportunities
  • 3. Identity Management: A Very Complex Area … Users Enterprises/ Orgs Government Old and New Threats Consolidation of Traditional Identity Management in Enterprises Flow of Identity Information Across Boundaries … Whole New Set of Initiatives in the Identity Management Space Identity Information Stored all Over the Places (Devices, Service Providers, Enterprises/Orgs, Govs Sites, etc.)
  • 4. Identity Management: Consolidation in the Enterprise …
  • 5. New Trends Impacting Identity Management Users Enterprises/ Orgs Government - Web 2.0, - Collaborative Networks, - Content Generation & Mash-up, … - Enterprise (Web) 2.0 - Convergence IP/Telco Networks (NGN) - Business-driven IT Management - Risk & Assurance Management - New Laws and Legislation - … - Terrorism, - New Global Threats, - New Legislation, Laws, … - Mobility, - New types and range of Personal Devices - New Services - Convergence of IP/Telco in Next Generation Networking (NGN)
  • 6. Identity Management: A Whole New Set of Initiatives … Users Enterprises/ Orgs Government User-Centric IdM (Identity 2.0) Driven by Web 2.0 & Federated IdM: - OpenId - InfoCard - Sxip - … Identity 2.0 & Web 2.0 for Enterprises: - Content-aware Access Control … National Identity IDs/Cards (biometric IDs, etc.) Device-based Identity Mgmt: - Liberty Alliance Identity-Capable Platforms (ICP) - Next Generation Trusted Computing (TCG) - Network-based Identities … Identity as a Service Privacy Laws, Other Legislation (US RealID, etc.) Business-driven IT Management and Implications for IdM: - ITIL, Cobit, BS7799, … - Federated Identity Assurance Identity Governance & Compliance to Laws - Role Mining in Complex Orgs/M&As, …
  • 7. Identity Management: Old and New Issues … Users Enterprises/ Orgs Government - Privacy: (pseudo-)anonymity vs. need to disclose - New Potential Risks introduced by Identity 2.0 (e.g. Identity Phishing …) - Identity Thefts and Frauds - Lack of (Digital) Education - Lack of User Control on Data - Lack of Assurance and Trust - Too much reliance on Human-based Processes: Lack of Automation of Privacy Management and Compliance Management. … - Lack of IdM + Privacy Standards - Little control given to users over data - Lack of Control, Assurance and Accountability in Outsourced Environments - … - New Potential Privacy Threats for Citizens - Cross-Organisations Data Correlations - …
  • 8. IdM: Challenges and Opportunities (Next 5 Years) Top Challenges Top Opportunities
    • 1. Improve Users’ Control on Their Personal Data (within Devices and Orgs)
    • 2. Enterprise Privacy Management: Automation of Privacy Management and Regulatory Compliance in Enterprises
    • 3. Alignment of Enterprise IdM Practices and Solutions to Business-driven IT Management (ITIL, etc.): Identity Governance, Risk and Assurance Mgmt
    • 4. Secure, Privacy-aware and Trustworthy Federated IdM/SSO
    • Interoperability between various Federated IdM/SSO initiatives
    • 6. Standards to enable Data Exchange between Enterprises/Orgs driven by Security and Privacy Policies and Users’ Preferences
    • Exploitation of Web 2.0 + Identity 2.0 in Enterprises/Organisations …
    1. Improve overall Enterprise IdM Practice and User Experience/Control … 2. New Research & Development Opportunities in the Identity Management Area both at the User and Enterprise sides 3. New Business Opportunities in the Identity Management space in terms of IdM Services, Solutions, Products, …
  • 9.