Your SlideShare is downloading. ×
  • Like
Identity Relationship Management: The Community Revolution
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Now you can save presentations on your phone or tablet

Available for both IPhone and Android

Text the download link to your phone

Standard text messaging rates apply

Identity Relationship Management: The Community Revolution

  • 244 views
Published

Joni Brennan, Executive Director of the Kantara Initiative, discusses IRM from a community-based perspective in a Breakout Session at the 2014 IRM Summit in Phoenix, Arizona.

Joni Brennan, Executive Director of the Kantara Initiative, discusses IRM from a community-based perspective in a Breakout Session at the 2014 IRM Summit in Phoenix, Arizona.

Published in Software , Technology , Business
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
244
On SlideShare
0
From Embeds
0
Number of Embeds
1

Actions

Shares
Downloads
25
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide
  • This shift in business emphasis has a direct technical impact on how we think about identity and access management. As a result, CIOs need to take into account the following business-focused pillars when choosing an IRM solution:
  • Identity and Access Management (IAM) services were traditionally built for a company’s internal use, to assist with manual on and off boarding, and establishing access privileges to company data and systems behind the firewall. Today though, a company must implement a dynamic IAM solution that serves employees, customers, partners and devices, regardless of location. This is the evolution of IAM to IRM: Identity Relationship Management.
  • As more and more people, devices, and “things” are assigned identities across networks, IRM services that are  simple, flexible, scalable and  designed to quickly verify identities and access privileges, become imperative for any business to safely and efficiently engage with their customers. Today’s solutions must link devices–laptops, phones, touchpads, cars–and new mobile and social apps to a single security platform that works all the time, everywhere, on premises or off in the cloud. This is the standard that customers, citizens, and students expect, and CIOs and their businesses, (as well as governments and universities), must identify vendors that can provide it because these methods of consumer engagement directly drive revenue. Customers might deposit checks from their phone, order a service through a cloud app, or make a purchase from a laptop that recognizes their identity, and shares the right information with the vendor.
    As consumers look for and expect more ways to engage with businesses, companies are making the shift from the closed, protective world of IAM to the open, evolving, and confidently secure IRM universe. This is because identity and access management tools are a necessity for managing trust relationships with parties inside and outside of a company – relationships that are now tied directly to the business’ top line.
  • As more and more people, devices, and “things” are assigned identities across networks, IRM services that are  simple, flexible, scalable and  designed to quickly verify identities and access privileges, become imperative for any business to safely and efficiently engage with their customers. Today’s solutions must link devices–laptops, phones, touchpads, cars–and new mobile and social apps to a single security platform that works all the time, everywhere, on premises or off in the cloud. This is the standard that customers, citizens, and students expect, and CIOs and their businesses, (as well as governments and universities), must identify vendors that can provide it because these methods of consumer engagement directly drive revenue. Customers might deposit checks from their phone, order a service through a cloud app, or make a purchase from a laptop that recognizes their identity, and shares the right information with the vendor.
    As consumers look for and expect more ways to engage with businesses, companies are making the shift from the closed, protective world of IAM to the open, evolving, and confidently secure IRM universe. This is because identity and access management tools are a necessity for managing trust relationships with parties inside and outside of a company – relationships that are now tied directly to the business’ top line.
  • As more and more people, devices, and “things” are assigned identities across networks, IRM services that are  simple, flexible, scalable and  designed to quickly verify identities and access privileges, become imperative for any business to safely and efficiently engage with their customers. Today’s solutions must link devices–laptops, phones, touchpads, cars–and new mobile and social apps to a single security platform that works all the time, everywhere, on premises or off in the cloud. This is the standard that customers, citizens, and students expect, and CIOs and their businesses, (as well as governments and universities), must identify vendors that can provide it because these methods of consumer engagement directly drive revenue. Customers might deposit checks from their phone, order a service through a cloud app, or make a purchase from a laptop that recognizes their identity, and shares the right information with the vendor.
    As consumers look for and expect more ways to engage with businesses, companies are making the shift from the closed, protective world of IAM to the open, evolving, and confidently secure IRM universe. This is because identity and access management tools are a necessity for managing trust relationships with parties inside and outside of a company – relationships that are now tied directly to the business’ top line.
  • As more and more people, devices, and “things” are assigned identities across networks, IRM services that are  simple, flexible, scalable and  designed to quickly verify identities and access privileges, become imperative for any business to safely and efficiently engage with their customers. Today’s solutions must link devices–laptops, phones, touchpads, cars–and new mobile and social apps to a single security platform that works all the time, everywhere, on premises or off in the cloud. This is the standard that customers, citizens, and students expect, and CIOs and their businesses, (as well as governments and universities), must identify vendors that can provide it because these methods of consumer engagement directly drive revenue. Customers might deposit checks from their phone, order a service through a cloud app, or make a purchase from a laptop that recognizes their identity, and shares the right information with the vendor.
    As consumers look for and expect more ways to engage with businesses, companies are making the shift from the closed, protective world of IAM to the open, evolving, and confidently secure IRM universe. This is because identity and access management tools are a necessity for managing trust relationships with parties inside and outside of a company – relationships that are now tied directly to the business’ top line.
  • As more and more people, devices, and “things” are assigned identities across networks, IRM services that are  simple, flexible, scalable and  designed to quickly verify identities and access privileges, become imperative for any business to safely and efficiently engage with their customers. Today’s solutions must link devices–laptops, phones, touchpads, cars–and new mobile and social apps to a single security platform that works all the time, everywhere, on premises or off in the cloud. This is the standard that customers, citizens, and students expect, and CIOs and their businesses, (as well as governments and universities), must identify vendors that can provide it because these methods of consumer engagement directly drive revenue. Customers might deposit checks from their phone, order a service through a cloud app, or make a purchase from a laptop that recognizes their identity, and shares the right information with the vendor.
    As consumers look for and expect more ways to engage with businesses, companies are making the shift from the closed, protective world of IAM to the open, evolving, and confidently secure IRM universe. This is because identity and access management tools are a necessity for managing trust relationships with parties inside and outside of a company – relationships that are now tied directly to the business’ top line.
  • Founded in 2009 as a 501c6. 60+ Organizations, 100’s of Participants, Industry and Governments join Kantara because we value:
    TrustOperating Accreditation, Approval and Certification programs
    PrivacyDeveloping privacy respecting solutions.
    SecurityDeveloping high security solutions and practices
    CommunityBridging technology and policy requirements
  • Enabling communities to verify high-value ID credentials for Trust.Kantara Members have a wealth of experience: Identity Assurance, Privacy, Policy and Information Systems Assessment. We’re here to help your community ensure Federated Identity Systems are verified for trust.
  • Enabling communities to verify high-value ID credentials for Trust.Kantara Members have a wealth of experience: Identity Assurance, Privacy, Policy and Information Systems Assessment. We’re here to help your community ensure Federated Identity Systems are verified for trust.
  • As more and more people, devices, and “things” are assigned identities across networks, IRM services that are  simple, flexible, scalable and  designed to quickly verify identities and access privileges, become imperative for any business to safely and efficiently engage with their customers. Today’s solutions must link devices–laptops, phones, touchpads, cars–and new mobile and social apps to a single security platform that works all the time, everywhere, on premises or off in the cloud. This is the standard that customers, citizens, and students expect, and CIOs and their businesses, (as well as governments and universities), must identify vendors that can provide it because these methods of consumer engagement directly drive revenue. Customers might deposit checks from their phone, order a service through a cloud app, or make a purchase from a laptop that recognizes their identity, and shares the right information with the vendor.
    As consumers look for and expect more ways to engage with businesses, companies are making the shift from the closed, protective world of IAM to the open, evolving, and confidently secure IRM universe. This is because identity and access management tools are a necessity for managing trust relationships with parties inside and outside of a company – relationships that are now tied directly to the business’ top line.
  • As more and more people, devices, and “things” are assigned identities across networks, IRM services that are  simple, flexible, scalable and  designed to quickly verify identities and access privileges, become imperative for any business to safely and efficiently engage with their customers. Today’s solutions must link devices–laptops, phones, touchpads, cars–and new mobile and social apps to a single security platform that works all the time, everywhere, on premises or off in the cloud. This is the standard that customers, citizens, and students expect, and CIOs and their businesses, (as well as governments and universities), must identify vendors that can provide it because these methods of consumer engagement directly drive revenue. Customers might deposit checks from their phone, order a service through a cloud app, or make a purchase from a laptop that recognizes their identity, and shares the right information with the vendor.
    As consumers look for and expect more ways to engage with businesses, companies are making the shift from the closed, protective world of IAM to the open, evolving, and confidently secure IRM universe. This is because identity and access management tools are a necessity for managing trust relationships with parties inside and outside of a company – relationships that are now tied directly to the business’ top line.
  • With Point-to-Point, each connection:
    …takes weeks/months to establish
    …consumes agency resources and incurs significant costs
    …must be maintained perpetually
    Software maintenance
    Updates
    Security patches
    Version control
    …does not ensure interoperability of tokens accepted by different agencies – citizens have to get multiple credentials
    At LOA2+, agencies paying same entities to identity proof and credential the same citizens
  • With Point-to-Point, each connection:
    …takes weeks/months to establish
    …consumes agency resources and incurs significant costs
    …must be maintained perpetually
    Software maintenance
    Updates
    Security patches
    Version control
    …does not ensure interoperability of tokens accepted by different agencies – citizens have to get multiple credentials
    At LOA2+, agencies paying same entities to identity proof and credential the same citizens
  • With Point-to-Point, each connection:
    …takes weeks/months to establish
    …consumes agency resources and incurs significant costs
    …must be maintained perpetually
    Software maintenance
    Updates
    Security patches
    Version control
    …does not ensure interoperability of tokens accepted by different agencies – citizens have to get multiple credentials
    At LOA2+, agencies paying same entities to identity proof and credential the same citizens
  • With Point-to-Point, each connection:
    …takes weeks/months to establish
    …consumes agency resources and incurs significant costs
    …must be maintained perpetually
    Software maintenance
    Updates
    Security patches
    Version control
    …does not ensure interoperability of tokens accepted by different agencies – citizens have to get multiple credentials
    At LOA2+, agencies paying same entities to identity proof and credential the same citizens
  • With Point-to-Point, each connection:
    …takes weeks/months to establish
    …consumes agency resources and incurs significant costs
    …must be maintained perpetually
    Software maintenance
    Updates
    Security patches
    Version control
    …does not ensure interoperability of tokens accepted by different agencies – citizens have to get multiple credentials
    At LOA2+, agencies paying same entities to identity proof and credential the same citizens
  • Enabling communities to verify high-value identity credentials for Trust.Kantara Members have a wealth of experience: Identity Assurance, Privacy, Policy and Information Systems Assessment. We’re here to help your community ensure Federated Identity Systems are verified for trust.
    Application and value to:
    Governments
    Healthcare
    Enterprise
    Commerce
    Research and Academia
  • Modular Approvals to make up full CSP service where appropriate. Distinct assessments and full service assessments wrt integration. Innovating from monolithic compliance programs to assurance verified modular component services
    Credential Service Provider
    Token Manager
    Attribute Provider
    Federation Operator
  • Shifting from a strictly compliance driven approach toward an “outcome based” approach. Enabling enterprise to innovate new solutions and prove their comparability.
    Alternative Means of Compatibility
    Outcome Based
    Peer Reviewed
    Public Log
    Transparency

Transcript

  • 1. Identity Relationship Management The Community Revolution
  • 2. The IRM Story
  • 3. Evolution of Identity Employees Consumers Employees & Partners Things Perimeter Perimeter Federation Perimeter-less Federation Cloud / SaaS Perimeter-less Federation Cloud SaaS Mobility Attributes Context Stateless Relationships
  • 4. Pillars of Identity Relationship Management … CONSUMERS & THINGS over employees ADAPTABLE over predictable REVENUE over operating expense VELOCITY over process and tools INTERNET SCALE over enterprise scale DYNAMIC over static intelligence BORDERLESS over perimeter MODULAR over monolithic BUSINESS PILLARS TECHNICAL PILLARS = = = =
  • 5. Simply Put… SOURCE: http://commons.wikimedia.org/wiki/Language#mediaviewer/File:Languages_world_map.svg
  • 6. What’s Next?
  • 7. IT’S A PARTY!! SOURCE: http://commons.wikimedia.org/wiki/File:Dancing_in_downtown_Colorado_Springs_at_Southside_Johnnys.jpg
  • 8. The Next Generation of Identity & Access Management
  • 9. Identity Relationship Management  ForgeRock – “identity value”  Experian – “agile IDPV / 360 Identity”  Radiant Logic – “context directory”  CA – “perimeter-less”  Avoco Identity – “modular & adaptable”  more and more SOURCE: http://www.shapard.com/2012/03/word-of-mouth/megaphone/
  • 10. Is IRM perfect? SOURCE: http://20px.com/blog/2013/02/09/the-curious-case-of-rainbow-pooping-unicorns/
  • 11. Identity Relationship Management Comments to date…  What does “relationship” meant in IRM?  How is Privacy considered?  Law’s of Relationships  more coming…
  • 12. SOURCE: http://hero.wikia.com/wiki/Kevin_McCallister?file=Home_alone_macaulay_culkin_kevin_mccallister_boy_fear_shout_fright_346_1600x1200.jpg
  • 13. Fear not!
  • 14. Tell us how you ‘do’ IRM! Join the forth coming Industry Group [email] support@kantarainitiative.org [subject] “join IRM” The Community Home  of IRM…
  • 15. IRM Summit Kantara Initiative Overview
  • 16. IRM Summit Kantara Initiative Overview
  • 17. 60+ Leaders 100’s of Participants Trustees At-Large: •Government of Canada •Trans-European Research Education Networking Association
  • 18. What We Do Business Acceleration Initiative Innovating Identity. Connecting Business, Partners, Customers, and Citizens via Trust and Privacy Tools. Connect. Innovate. Trust. The building blocks of Trusted Identity to grow markets, economies, and services …
  • 19. Kantara Initiative Value
  • 20. Trusted Identity  Kantara Programs verify  IdPs and Assessors  Policy, Technology, Privacy  Reusable & applicable:  FICAM, FCCX, NSTIC, EU eIDAS, IDAP, +  IdPs, RPs, FOs  Our part in the trust chain
  • 21. Pilots & Programs
  • 22. Trust Grows Economies SROUCE: http://johngreathouse.com/wp-content/uploads/2012/05/image004.jpg Skilled entrepreneurs bring ideas and money together by building a bridge of trust.
  • 23. FCCX: A better way CitizensCitizensGovernmentGovernment FCCX
  • 24. We’re Working to Connect This…
  • 25. With This…
  • 26. With This… Not to mention…
  • 27. With This…With This Eh!
  • 28. Trust Framework Model RegistrationRegistration VerificationVerification AssessmentAssessment CertificationCertification Trust Status Listing Service Trust Status Listing Service Interested Parties Interested Parties Kantara Trust RegistryKantara Trust Registry
  • 29. Accredited and Approved Verizon Universal Identity Service (VUIS) IDPV Component Recognition Norton Credential Service Provider Registered Applicant MITREid (LoA 1) organizations in pipeline Kantara Accredited to LoA 1-4 Kantara Approved to LoA 1-3 non-crpyto
  • 30. Component Services Responding to industry experts Kantara members developed the modular component service approach. Component Services: •Identity Proofing / Verification •Credential Issuance and Management Responding to industry experts Kantara members developed the modular component service approach. Component Services: •Identity Proofing / Verification •Credential Issuance and Management Identity Proofing & Verification Organizational Trust Credential & Token Management Credential Service Provider
  • 31. MODULAR Assurance
  • 32. ADAPTABLE Assurance
  • 33. Questions? •Kantara Executive Director: Joni Brennan joni@kantarainitiative.org •General Inquiries: support@kantarainitiative.org JOIN INNOVATE TRUST
  • 34. Shaping the Future of Digital Identity  @kantaranews  kantarainitiative.org  kantarainitiative.org/listinfo/community  bit.ly/Kantara_Assurance  kantarainitiative.org/membership/