TWELVE DIAGRAMS TO SAVE YOUR IDENTITY BACON
•Download as PPTX, PDF•
3 likes•1,625 views
ROBERT LAPES, Head of Identity Advisory Services, Capgemini, at the European IRM Summit 2014.
Recommended
Recommended
More Related Content
Similar to TWELVE DIAGRAMS TO SAVE YOUR IDENTITY BACON
Similar to TWELVE DIAGRAMS TO SAVE YOUR IDENTITY BACON (20)
More from ForgeRock
More from ForgeRock (20)
Recently uploaded
Recently uploaded (20)
TWELVE DIAGRAMS TO SAVE YOUR IDENTITY BACON
- 1. Venn and the art of Identity Relationship Management
- 2. Using diagrams to save your identity bacon
- 3. Robert Lapes • 30 years experience in I.T. • 10 years of identity program assurance • Head of IAM Advisory Services • Capgemini UK’s IAM practice • 120,000 staff in 40 countries • 200+ identity specialists worldwide
- 4. Agenda 1. IRM context 2. Why diagrams? 3. What diagrams? – Identity – Relationships – Management 4. Summary and questions
- 5. context
- 6. IRM is the new IAM
- 7. IRM’s four business pillars 1. CONSUMERS and THINGS over employees 2. ADAPTABLE over predictable 3. TOP LINE REVENUE over operating expense 4. VELOCITY over process
- 8. IRM’s four technical pillars 1. INTERNET SCALE over enterprise scale 2. DYNAMIC INTELLIGENCE over static intelligence 3. BORDERLESS over perimeter 4. MODULAR over monolithic
- 9. scale complexity adaptable dynamic bigger faster connected diverse decentral isation non- l inear i ty
- 10. IRM Scale Complexity IxM Internet
- 11. Why diagrams?
- 12. We learn mainly by sight 75% 13% 6% 3% 3% 80% 70% 60% 50% 40% 30% 20% 10% 0% Sight Hearing Touch Smell Taste
- 13. We can process large amounts of visual data
- 14. Writing is a recent invention
- 16. Georg Hegel Philosopher Newspaper editor Headmaster 1770 – 1831
- 18. Georg Hegel “Identity is the identity of identity and non-identity.” particularity universality individuality
- 19. Prof. Ian Goldberg • " Cryptographer Privacy expert b. 1973 Canada Inventor of the “Nymity Slider”
- 20. • " “Privacy and national security are like opposite ends of a slider,“
- 21. • " "Technology is like a magnet that allows individuals to pull that slider back toward themselves.“
- 23. John Venn Theologian Logician Cricketer 1837 – 1923 Inventor of the Venn diagram
- 25. Similar to Euler diagram
- 28. Business Partners Anonymous MyAccount Customers
- 30. Prof. Jiro Kawakita Anthropologist Mountain climber Plant collector 1920 – 2009 Inventor of the Affinity diagram
- 31. “Let the facts speak for themselves” • Too many facts or ideas in apparent chaos • Issues are too large and complex to grasp • Group consensus
- 32. KJ Method or Affinity diagram
- 33. Prof. Peter Chen Computer scientist Inventor of the Entity- Relationship model b. 1947
- 34. “Entities and relationships are a natural way to organize physical things as well as information … “
- 35. “… The ER concept is the basic fundamental principle for conceptual modelling. It has been with us since thousands of years ago and will be with us for many years to come.”
- 37. Entity–relationship model 2 Registrar 5 Attribute Authority Registers for identity Issues identifier Asserts access claim Enrols for service Issues credential 4 Provides service Credential Authority Circle of Trust Authorisation 1 Policy 6 Governance Subject Identity service Authentication service Reliant party Access service 2 Entity 3 Service or Resource
- 39. Prof. Shigeru Mizuno Quality management guru Inventor of matrix diagram
- 40. Matrix diagram Strength of Registration Strength of Authentication Mechanism
- 41. Matrix diagram Source: Eve Maler
- 42. Matrix diagram SAP Microsoft IBM Security strong positive strong positive strong positive Functionality strong positive neutral positive Integration positive positive positive Interoperability positive neutral positive Usability positive neutral neutral Innovativeness positive neutral positive Market Position positive strong positive strong positive Financial strong positive strong positive strong positive Strength Ecosystem positive strong positive strong positive
- 43. Matrix diagram TOGAF Policy Entities & Identity Resources & Assets Authentication & Credentials Authorization & Access Operation & Governance 1 Vision 2 Business Architecture 3 Information System Architecture 4 Technology Architecture 5 Opportunities & Solutions 6 Migration Planning 7 Implementation Governance 8 Change Management 9 Requirements
- 44. Y-Matrix Diagram
- 46. Dr W. Edwards Deming Father of modern quality control Quality management guru 1900 - 1993
- 47. “It is not enough to do your best; you must know what to do and then do your best.”
- 48. The Deming Cycle
- 49. The Deming Cycle Plan Do Check Act Identifier and credential scope Collection and consolidation Mapping and validation Reconcile and remediation Authoritative identifiers and credentials Policy scope Collection and consolidation Policy review Policy remediation Authoritative policy
- 50. Matthew Henry Phineas Riall Sankey Engineer Introduced the first energy flow diagram 1853 – 1926 Ireland
- 55. IRM is the new IAM scale complexi ty adaptable dynamic bigger faster connected diver se decent ral isat ion non- l inear i ty
- 56. Why diagrams? • Data can be hard to understand especially in written form. • Diagrams help us understand complex data and information and identify complex relationships. • We learn better visually.
- 57. These people developed diagrams to make life easier to understand
- 58. Thank you
- 59. Contact information Insert contact picture Robert Lapes Identity Architect robert.lapes@capgemini.com Capgemini UK | Bristol (Toltec) Tel: +44 0 870 194 6658 Insert contact picture Andrew Critchley IAM Proposition Lead andrew.critchley @capgemini.com Capgemini UK | Sale Tel: + 44 (0)7891 154281
Editor's Notes
- Speaker biography Robert Lapes is head of identity advisory services in Capgemini’s IAM practice in the UK. He is a chartered engineer with nearly 30 years of insight and lessons learnt in I.T. For the last ten years he has been working on assurance of large scale identity programs. He has helped senior stakeholders in Government, agencies, NGOs and global businesses to transform and assure their identity strategy and architecture. His architectural research for the EU Guide project has given him a unique insight into fundamentals of identity, trust, privacy and consent. He has combined his experience of over 65 client engagements to develop an IAM framework to help clients to understand how identity drives their business and structure their approach to identity. He lives in the West of England and in his spare time enjoys philosophy, cycling, cider and cider making.
- The objective of your presentation: My presentation will last twenty minutes with five minutes for questions. My presentation is split into four key areas. IRM context Why diagrams? What diagrams? Identity Relationships Management Summary and questions
- Preface about IRM and IAM Pillars of IRM BUSINESS PILLARS CONSUMERS AND THINGS over employees ADAPTABLE over predictable TOP LINE REVENUE over operating expense VELOCITY over process TECHNICAL PILLARS INTERNET SCALE over enterprise scale DYNAMIC INTELLIGENCE over static intelligence BORDERLESS over perimeter MODULAR over monolithic
- https://kantarainitiative.org/irmpillars/
- https://kantarainitiative.org/irmpillars/
- Context?? 7.1B population 3 B employed 205 unemployed 2.5B have bank accounts 2.5 B do not have bank accounts World's top ten largest public and private employers, 2012 = employed 17.6M people Employer Employees Headquarters United States Department of Defense 3.2 million United States People's Liberation Army 2.3 million China Wal-Mart 2.1 million United States McDonald's 1.9 million United States National Health Service (NHS) 1.7 million United Kingdom China National Petroleum Corporation 1.0 million China State Grid Corporation of China 1.5 million China Indian Railways 1.4 million India Indian Armed Forces 1.3 million India Hon Hai Precision Industry (Foxconn) 1.2 million Taiwan Rank Company Country Industry Revenue in USD 1 Wal-Mart USA Retail $476.3 billion 2 Royal Dutch Shell NL/UK Petroleum $459.6 billion 3 Sinopec China Petroleum $457.2 billion 4 Nat. Petroleum Corp. China Petroleum $432.0 billion 5 ExxonMobil USA Petroleum $407.7 billion 6 BP UK Petroleum $396.2 billion 7 State Grid Corp. China Power $333.4 billion 8 Volkswagen Germany Automobiles $261.5 billion 9 Toyota Japan Automobiles $256.5 billion 10 Glencore Switz Commodities $232.7 billion
- 7.1B population 3 B employed 205 unemployed 2.5B have bank accounts 2.5 B do not have bank accounts World's top ten largest public and private employers, 2012 = employed 17.6M people Employer Employees Headquarters United States Department of Defense 3.2 million United States People's Liberation Army 2.3 million China Wal-Mart 2.1 million United States McDonald's 1.9 million United States National Health Service (NHS) 1.7 million United Kingdom China National Petroleum Corporation 1.0 million China State Grid Corporation of China 1.5 million China Indian Railways 1.4 million India Indian Armed Forces 1.3 million India Hon Hai Precision Industry (Foxconn) 1.2 million Taiwan Rank Company Country Industry Revenue in USD 1 Wal-Mart USA Retail $476.3 billion 2 Royal Dutch Shell NL/UK Petroleum $459.6 billion 3 Sinopec China Petroleum $457.2 billion 4 Nat. Petroleum Corp. China Petroleum $432.0 billion 5 ExxonMobil USA Petroleum $407.7 billion 6 BP UK Petroleum $396.2 billion 7 State Grid Corp. China Power $333.4 billion 8 Volkswagen Germany Automobiles $261.5 billion 9 Toyota Japan Automobiles $256.5 billion 10 Glencore Switz Commodities $232.7 billion
- My job is to help clients understand their identity problems and find solutions to them. In many cases clients don’t know what to do or what they want. Frequently this means helping clients to understand the data and information that they already know. I’ve found that diagrams are an excellent way to bring understanding to data and information. Diagrams can be used to visualise: Data; Information; Concepts; Strategy; Metaphors; Compound concepts. This presentation looks at a few useful data, information and concept diagrams. Why are diagrams effective? See also: http://en.wikipedia.org/wiki/Data_visualization http://www.visual-literacy.org/periodic_table/periodic_table.html
- We learn mainly by sight.
- Humans have evolved to process large amounts of visual information. While awake a human has a total brain bandwidth of approximately 100Mb/s or about 10MB/s Diagram: http://en.wikipedia.org/wiki/Tor_N%C3%B8rretranders http://www.mu-sigma.com/uvnewsletter/links.html#a
- In terms of human evolution, writing is a recent innovation. So it is not hard to see why we find pictures, pictograms and diagrams useful ways to convey information. Picture: http://bigpicturehistory.com/wp-content/uploads/2012/08/evolutionOfWriting.jpg
- I’d like to start with a diagram that is based on the work on the German philosopher Georg Hegel. He is regarded as one of Germany’s greatest philosophers. Georg Wilhelm Friedrich Hegel was born in 1770 in Stuttgart, Germany He studied theology, philosophy and logic. He took jobs as a newspaper editor and also as a headmaster to fund his studies. He was interested in philosophy for the common man and building on the ideas of the philosopher Immanuel Kant. Hegel is considered as one of the hardest philosophers to read Hegel dialectic work builds on the works of: Zeno; Heraclitus; Socrates; Plato; and Kant It was a major influence on: Marx; and Engels.
- Hegelian Dialectic The dialectic diagram is a triad of: thesis, antithesis, synthesis It is often used to describe the thought of Hegel, although he never used the term himself. Dialectic is a method of argument for resolving conflict or disagreement. It is a method that is central to both European and Indian philosophy. G.W.F. Hegel reintroduced the idea of dialectics just as the industrial revolution was beginning. Hegel suggested that for every idea that exists (thesis) an opposite and counter idea (anti-thesis) exists. The Synthesis solves the conflict between the thesis and antithesis by reconciling their common truths and forming a new thesis. When applied to IRM it helps us consider what we want, what we don’t want and an acceptable compromise. For example it can help us consider what assurance we need before we make a decision to trust
- Here’s how helpful it can be when you need to sort out identity problems. Three Kinds of Contradiction Being the opposed pair of concepts at first seem flatly opposed, as if they would have nothing at all to do with one another: Being Nothing / Quantity Quality. Only be means of analysis or deduction can they be shown to be intimately interrelated. Essence the opposed pairs immediately imply one another. The Inner and the Outer, for example: to define one is at the same time to define the other. Notion where pairs are linked by a more sophisticated conceptual link, for example the concept of Identity whose component parts, Universality and Particularity, are conceptually interrelated.
- The second identity diagram builds on this concept that identity is not a binary state. Professor Ian Goldberg Born 1973 Canada His Ph.D. thesis at Berkley in 2000 was: “A Pseudonymous Communications Infrastructure for the Internet” This contained the nymity slider. http://en.wikipedia.org/wiki/Ian_Goldberg
- We can trace the origins of the slider back to 1998 when Ian is quoted as saying: “Privacy and national security are like opposite ends of a slider,“ "Technology is like a magnet that allows individuals to pull that slider back toward themselves.“
- We can trace the origins of the slider back to 1998 when Ian is quoted as saying: “Privacy and national security are like opposite ends of a slider,“ "Technology is like a magnet that allows individuals to pull that slider back toward themselves.“
- This is how the Nymity Slider appeared in Goldberg’s thesis. The Nymity Slider builds on Hegel’s dialectic view. In Enterprise IAM you are either identified or you are not. In IRM and the IoT the consumer wants to take control of how they identify themselves.
- John Venn was a noted logician and philosopher born 1837 Kingston upon Hull, Yorkshire, England. Died 1923, Cambridge, England. A Venn diagram or set diagram is a diagram that shows all possible logical relations between a finite collection of sets. It is used in the fields of set theory, probability, logic, statistics, and computer science. Introduced by John Venn in 1880. Published in “On the Diagrammatic and Mechanical Representation of Propositions and Reasonings”
- A Venn diagram or set diagram is a diagram that shows all possible logical relations between a finite collection of sets. It is used in the fields of set theory, probability, logic, statistics, and computer science. Introduced by John Venn in 1880. Published in “On the Diagrammatic and Mechanical Representation of Propositions and Reasonings” This is what his first diagram looked like. The American philosopher Clarence Irving Lewis was the first to use the term "Venn diagram" in his book "A Survey of Symbolic Logic“ published in 1918. http://en.wikipedia.org/wiki/Venn_diagram
- Venn diagrams have regions for all possible combinations of groups whether there are things in those regions or not. Shading indicates if things are actually found in those regions. Euler diagrams only show a region if things exist in that region. An advantage of the Venn diagram is that it can show gaps and missing groups. Diagram source: http://d5lx5634mkgoi.cloudfront.net/wp-content/uploads/2009/09/vennvenn2.png
- In IAM Venn diagrams are useful tools for set and gap analysis. Source: Eve Maler
- A Venn diagram or set diagram is a diagram that shows all possible logical relations between a finite collection of sets. It is used in the fields of set theory, probability, logic, statistics, and computer science. Introduced by John Venn in 1880. Published in “On the Diagrammatic and Mechanical Representation of Propositions and Reasonings” Born 1837 Kingston upon Hull, Yorkshire, England
- Kawakita Jiro (KJ) Japanese anthropologist 1920-2009 Studied at Kyoto University Whilst studying ethno-geography in Nepal during 1960’s he developed a systematic way to find messages in complex qualitative data. It was a bottom-up approach that abducts an idea from data Known as the KJ Method or Affinity diagram http://en.wikipedia.org/wiki/Seven_Management_and_Planning_Tools
- The KJ-Method is an effective a mix of independent brainstorming, group dynamics, and democracy. It allows a team to be creative and critical in a productive manner, to the independent perspectives and experience of the team. It avoids problems created by strong personalities and politics. Note that this method use Eastern philosophy rather than Western scientific approach to capture issues.
- A KJ diagram can be helpful when: • issues are complex – lots of information available, but many potential interpretations team would benefit by learning together – based on facts – developing common understanding and focus • communication and reuse of the information is important – KJ is a powerful way to store and transmit data Record ideas on notes. Look for related ideas. Sort into groups. Thanks to: the inventors of the post-it note: Dr. Spencer Silver and Art Fry
- Prof. Peter Pin-Shan Chen b. 1947 Korea Computer Scientist Developed the Entity Relationship Model His 1976 paper on the Entity-Relationship model (ER model) is one of the most cited papers in the computer software field. An entity-relationship model is a systematic way of describing and defining a business process. It helps to discover “hidden relationships” between entities and associated data. They are the foundation of many systems analysis, design and software engineering methods. In Enterprise IAM – technologist define permissible relationships. In Consumer IRM – relationships are made by consumers and discovered by analysis
- „Entities and relationships are a natural way to organize physical things as well as information … The ER concept is the basic fundamental principle for conceptual modelling. It has been with us since thousands of years ago and will be with us for many years to come.” Many of you have heard about data mining. If you think deeply about what the data mining actually does, you will see the linkage between data mining and the ER model. What is data mining? What does the data mining really is doing? In our view, it is a discovery of “hidden relationships” between data entities. The relationships exist already, and we need to discover them and then take advantage of them. This is different from conventional database design in which the database designers identify the relationships. In data mining, algorithms instead of humans are used to discover the hidden relationships.
- „Entities and relationships are a natural way to organize physical things as well as information … The ER concept is the basic fundamental principle for conceptual modelling. It has been with us since thousands of years ago and will be with us for many years to come.” Many of you have heard about data mining. If you think deeply about what the data mining actually does, you will see the linkage between data mining and the ER model. What is data mining? What does the data mining really is doing? In our view, it is a discovery of “hidden relationships” between data entities. The relationships exist already, and we need to discover them and then take advantage of them. This is different from conventional database design in which the database designers identify the relationships. In data mining, algorithms instead of humans are used to discover the hidden relationships.
- The entity-relationship model can be used as a basis for unification of different views of data: the network model, the relational model and the entity set model. When trying to understand links between ideas or cause–and–effect relationships, such as when trying to identify an area of greatest impact for improvement. When a complex issue is being analyzed for causes. When a complex solution is being implemented. After generating an affinity diagram, cause–and–effect diagram or tree diagram, to more completely explore the relations of ideas.
- The entity-relationship model can be used as a basis for unification of different views of data: the network model, the relational model and the entity set model.
- The matrix diagram shows the relationship between two, three or four groups of information. It also can give information about the relationship, such as its strength, the roles played by various individuals or measurements. Matrix Diagram came out of the work of a committee of the Japanese Society for Quality Control Technique Development that operated from 1972-1979 The matrix diagram was part of the second wave of Japanese quality improvement in the late 1970’s. Shigeru Mizuno included the diagram in his 1988 book, Management for Quality Improvement. Six differently shaped matrices are possible: L, T, Y, X, C and roof–shaped, depending on how many groups must be compared. See: http://asq.org/learn-about-quality/new-management-planning-tools/overview/matrix-diagram.html
- This is a 2D L-shaped matrix. Registration and Authentication assurance The example shows the level of assurance for combinations of registration and authentication strength.
- Another assurance example this time from Eve Maler http://www.xmlgrrl.com/blog/2009/12/31/how-to-rest-assured/
- This matrix diagram example is from a client’s vendor assessment.
- This example L-Matrix maps an identity framework onto an Enterprise Architecture framework.
- Dr William Edwards Deming American engineer, statistician, professor, author, lecturer, and management consultant. 1900 - 1993 Seen by many as the father of modern quality control and a quality management guru Plan; Do; Check (Study); Act It reminds us that IAM programs are one of continuous process improvement
- Father of modern quality control Plan; Do; Check (Study); Act It reminds us that IAM programs are one of continuous process improvement
- Deming championed the work of Dr. Walter Shewhart Plan; Do; Check (Study); Act It reminds us that IAM programs are one of continuous process improvement
- Deming cycle applied to identity framework for an identity data quality review.
- Matthew Henry Phineas Riall Sankey Born County Tipperary in 1853 Sankey introduced the first energy flow diagram in an 1898 article about the energy efficiency of a steam engine in the Minutes of Proceedings of The Institution of Civil Engineers Joiners, Movers, Leavers Identity and identifier types Credentials types and lifecycle events
- In an 1898 article about the energy efficiency of a steam engine in the Minutes of Proceedings of The Institution of Civil Engineers Sankey introduced the first energy flow diagram
- These were initially made famous by Charles Joseph Minard's statistical graphic of 1869, showing the dramatic decrease in number of Napoleon's troops as his army advanced on Moscow and then retreated, with the size of the army indicated by the width of the line. Minard was a pioneer of the use of graphics in engineering and statistics. He is most well known for his cartographic depiction of numerical data on a map of Napoleon's disastrous losses suffered during the Russian campaign of 1812 (in French, Carte figurative des pertes successives en hommes de l'Armée Française dans la campagne de Russie 1812-1813). The illustration depicts Napoleon's army departing the Polish-Russian border. A thick band illustrates the size of his army at specific geographic points during their advance and retreat. It displays six types of data in two dimensions: the number of Napoleon's troops; the distance travelled; temperature; latitude and longitude; direction of travel; and location relative to specific dates.
- Sankey diagram for global Internet traffic in 2010. Source: http://www.telegeography.com/assets/website/images/maps/global-traffic-map-2010/global-traffic-map-2010-l.jpg Joiners, Movers, Leavers Identity and identifier types Credentials types and lifecycle events
- Context?? 7.1B population 3 B employed 205 unemployed 2.5B have bank accounts 2.5 B do not have bank accounts World's top ten largest public and private employers, 2012 = employed 17.6M people Employer Employees Headquarters United States Department of Defense 3.2 million United States People's Liberation Army 2.3 million China Wal-Mart 2.1 million United States McDonald's 1.9 million United States National Health Service (NHS) 1.7 million United Kingdom China National Petroleum Corporation 1.0 million China State Grid Corporation of China 1.5 million China Indian Railways 1.4 million India Indian Armed Forces 1.3 million India Hon Hai Precision Industry (Foxconn) 1.2 million Taiwan Rank Company Country Industry Revenue in USD 1 Wal-Mart USA Retail $476.3 billion 2 Royal Dutch Shell NL/UK Petroleum $459.6 billion 3 Sinopec China Petroleum $457.2 billion 4 Nat. Petroleum Corp. China Petroleum $432.0 billion 5 ExxonMobil USA Petroleum $407.7 billion 6 BP UK Petroleum $396.2 billion 7 State Grid Corp. China Power $333.4 billion 8 Volkswagen Germany Automobiles $261.5 billion 9 Toyota Japan Automobiles $256.5 billion 10 Glencore Switz Commodities $232.7 billion
- Analysis paralysis Diagrams can be used to visualise: Data; Information; Concepts; Strategy; Metaphors; Compound concepts. http://www.visual-literacy.org/periodic_table/periodic_table.html
- Left to Right Ian Goldberg – Nymity Slider W.Edwards Deming - Deming Cycle Peter Chen - Entity Relationship diagram Shigeru Mizuno - Matrix diagram Kawakita Jiro - KJ method / Affinity diagram Matthew Sankey - Sankey diagram John Venn - Venn diagram Georg Hegel - Dialectic
- Speaker biography Robert Lapes is head of identity advisory services in Capgemini’s IAM practice in the UK. He is a chartered engineer with nearly 30 years of insight and lessons learnt in I.T. For the last ten years he has been working on assurance of large scale identity programs. He has helped senior stakeholders in Government, agencies, NGOs and global businesses to transform and assure their identity strategy and architecture. His architectural research for the EU Guide project has given him a unique insight into fundamentals of identity, trust, privacy and consent. He has combined his experience of over 65 client engagements to develop an IAM framework to help clients to understand how identity drives their business and structure their approach to identity. He lives in the West of England and in his spare time enjoys philosophy, cycling, cider and cider making.