BIOMETRIC CONSORTIUM CONFERENCEAFCEA IDENTITY MANAGEMENT FOCUS SESSIONSWhere We Are Today – The Current Landscape of Ident...
►Nov 2008 – May 2009►AT&T, Bank of America,Boeing, Microsoft,Raytheon, etc.►January – July 2008►DoD, DHS, DOJ, HHS,Treasur...
COMMONTHEMES-IMPORTANCE Identity Management is a critical, though oftenunderappreciated, component of successful applicat...
COMMONTHEMES–R&DTechnology available now is good, butimprovements are needed to improve capabilities,resiliency, privacy ...
COMMONTHEMES-STANDARDSInteroperability is difficult if the systems do notshare definitions and data structuresIncreases ...
COMMONTHEMES-PRIVACYImproving IdM can actually enhance privacy protection overthe status quo – if done properlyOutreach ...
COMMONTHEMES–NEEDFORGOVERNANCEIdentity-based systems are inherently connected to oneanother. Overall governance is requir...
SOFARHASLEADTO…NOTMUCH Foundation for CIO Councils’ identity work and for NSTIC NSTAC Report: “Despite laudable progress...
BIOMETRIC CONSORTIUM CONFERENCEAFCEA IDENTITY MANAGEMENT FOCUS SESSIONSWhere We Are Today – The Current Landscape of Ident...
IDMCONCEPTUALLYFrom NSTC Document: (T)he underlying function of identification has been a part ofthe human experience sin...
HOLLYWOODDEPICTIONS
IDENTITYCONCENTRICITYRootCoreOne individual (core)Multiple identities/identifiers
Duane Blackburn434-964-5023dblackburn@mitre.orgDisclaimerThe authors affiliation with The MITRE Corporation is provided fo...
Upcoming SlideShare
Loading in …5
×

Where We Are Today – The Current Landscape of Identity Management

697 views

Published on

Opening address of the identity management track within the Biometric Consortium Conference (2012).

Published in: Technology, Business
  • Be the first to comment

  • Be the first to like this

Where We Are Today – The Current Landscape of Identity Management

  1. 1. BIOMETRIC CONSORTIUM CONFERENCEAFCEA IDENTITY MANAGEMENT FOCUS SESSIONSWhere We Are Today – The Current Landscape of Identity ManagementDuane Blackburn, MITRE Corporation18 September 2012Approved for Public Release: 12-3821. Distribution Unlimited©2012-The MITRE Corporation. All rights reserved.
  2. 2. ►Nov 2008 – May 2009►AT&T, Bank of America,Boeing, Microsoft,Raytheon, etc.►January – July 2008►DoD, DHS, DOJ, HHS,Treasury, DOS, NIST,GSA, VA, IRS, FTC,NASA, NSF
  3. 3. COMMONTHEMES-IMPORTANCE Identity Management is a critical, though oftenunderappreciated, component of successful applications in avariety of sectors IdM can help remove barriers to collaboration and innovationby ensuring trust People/things have only one “true” identity, but severalaliases with varying degrees of confidence in the linkages tothe “true” identity. How to enable and manage these identities properly in a singleapplication is difficult, but is even more difficult across interconnectedsystems IdM activities in one application impacts and relies uponothers, though these impacts aren’t normally understood oraccounted for
  4. 4. COMMONTHEMES–R&DTechnology available now is good, butimprovements are needed to improve capabilities,resiliency, privacy protection, convenience andsecurityResearch is needed on how to best combinedifferent technologiesResearcher access to useful data is an inhibitorSide to side comparisons of technology options isdifficult/confusing and isn’t keeping pace with newproducts
  5. 5. COMMONTHEMES-STANDARDSInteroperability is difficult if the systems do notshare definitions and data structuresIncreases the chance of errors, which would bepropagated throughout the interconnectedsystemsMarket-based and consensus-supported standardsmost likely to be universally acceptedThe existence and use of universal standards (or lackthereof) is often viewed as an indicator of amarket/technology’s maturity
  6. 6. COMMONTHEMES-PRIVACYImproving IdM can actually enhance privacy protection overthe status quo – if done properlyOutreach is an important aspect of privacy policyEven if the privacy policy is correct, negative publicperception will scuttle a program quicklyPrivacy isn’t just for lawyersBuilding protections directly into the technology willprovide greater assurance that the protections areimplemented thoroughly and consistently.A single IdM privacy breach creates enduring problems inmultiple systemsPrivacy and security aren’t mutually exclusive
  7. 7. COMMONTHEMES–NEEDFORGOVERNANCEIdentity-based systems are inherently connected to oneanother. Overall governance is required to manage thisproperly rather than ad-hoc or not at allAll levels of government have the responsibility to ensure thesafety and wellbeing of its citizenry – and IdM has clearimpacts on national security, the economy, cyberspace, andindividual healthcareGovernment must provide leadership and work with allstakeholders to create favorable conditions for thedevelopment of IdM that benefits users
  8. 8. SOFARHASLEADTO…NOTMUCH Foundation for CIO Councils’ identity work and for NSTIC NSTAC Report: “Despite laudable progress being made in many differentareas across a broad organizational front, Government does not yet havea cohesive strategy to fulfill the potential of its considerable investmentin all aspects of IdM, nor to meet the emergent need.”
  9. 9. BIOMETRIC CONSORTIUM CONFERENCEAFCEA IDENTITY MANAGEMENT FOCUS SESSIONSWhere We Are Today – The Current Landscape of Identity ManagementDuane Blackburn, MITRE Corporation18 September 2012Approved for Public Release: 12-3821. Distribution Unlimited©2012-The MITRE Corporation. All rights reserved.
  10. 10. IDMCONCEPTUALLYFrom NSTC Document: (T)he underlying function of identification has been a part ofthe human experience since the growth of social complexityintroduced differentiated roles, rights, privileges, andresources into communities. Some of these “uniqueabilities” came with the membership of a class or group,while others represented individual characteristics.Sometimes there was an identifying badge, mark, object, orother way to visually distinguish the individual with a specificrole; sometimes this could only be known from personalinteraction.”
  11. 11. HOLLYWOODDEPICTIONS
  12. 12. IDENTITYCONCENTRICITYRootCoreOne individual (core)Multiple identities/identifiers
  13. 13. Duane Blackburn434-964-5023dblackburn@mitre.orgDisclaimerThe authors affiliation with The MITRE Corporation is provided for identification purposes only, and is not intended to convey or implyMITREs concurrence with, or support for, the positions,opinions or viewpoints expressed by the author

×