When you want to access a system, which identity is acceptable to use? Can you bring your own from elsewhere? Most online vendors today issue users their own identities – a simple password attached to their email address. I don’t have to elaborate on the weak security that such rudimentary tools offer.
Think of an identity as being like a currency. Unless the currency has ongoing strength and can have its value defended against counterfeiting and other problems, it will, at some point become useless. That’s the problem that many banks have today – their currencies (card numbers and passwords) become useless quickly – because they cannot defend their value, and identities are easily assumed by others. Additionally, all of the overheads associated with the cost of management and replacement, are indirectly passed on to the cardholder.
If online identities are like currencies, every cloud provider is a nation and can create it’s own currency. So how can these thousands of currencies trade together and be assured that each other’s currencies are not counterfeit, or worthless?
Once you grasp the concept, there are several possibilities; the idea of unified groups of currencies (like the Euro) that can be regulated and defended is a contender. As is the notion of validating currencies and other financial instruments that may be traded, while discarding those that cannot.
Whether you favor the free market, or regulation, either approach works. Presently unfolding events for the financial sector, around a mix of sound regulations in the free market pay homage to these ideas.
The Federal Government, the worlds largest user of a unique and secure identity currency (called a FIPS card) is assembling a strategy around where and how it’s identity currency can be traded to enable commerce in the cloud.
What will identity, credentialing and access management look like in the future? Will tens of thousands of unique password systems power commerce without tangling the growth ?
The Federal Government quote, found at www.idmanagement.gov is this: “the goal is a consolidated approach for all government-wide identity, credential and access management activities to ensure alignment, clarity, and interoperability.”
It is a clear message that demonstrates strong leadership: “here is our currency, it’s secure, we will defend it, and we are looking for trading partners. Who wants to ignore an opportunity like that?
The identity train is coming, if you don’t feel the tracks shaking, you soon will.
Posts
