[Log In] []

Exploring the science and magic of Identity and Access Management
Saturday, May 25, 2024

Secure, Scalable, Low-latency Identity Services

Author: Mark Dixon
Thursday, January 11, 2007
2:35 am

I recently got a glimpse into how a major e-commerce company considers Identity to be a core competency essential to the success of its business. Recognizing Identity to be a critical success factor for its business has caused this company to create a fairly autonomous organization named Identity Services which is responsible for providing “secure, scalable, low-latency Identity Services” to enable buyers, merchants and developers to implement innovative business models. The organization has been challenged to push its envelope of capability to be “faster, more globally distributed and more flexible,” matching the business objectives of the company.

This is significant in a number of ways:

  1. Identity is an essential, core enabler of online business. Identity must not be an afterthought, a necessary evil, or a function forced by government regulation. It is more properly recognized as a key business enabler. The modern business paradigm of delivering highly personalized service to individual consumers demands that Identity is at the core of the business process.
  2. Identity can provide a competitive advantage. Properly delivered Identity services can enable enhanced user experience while securely protecting confidential data, thus increasing feelings of trust and customer satisfaction. Companies that leverage these factors will have a competitive edge in the online marketplace.
  3. Identity strategy must be tightly aligned with business strategy. As a critical enabler of business sucess, Identity services must evolve in harmony with business objectives. For example, global business initiatives will demand global Identity infrastructure. New business models may demand new Identity services. Large business scale will require commensurate Identity services scale.
  4. Identity should be delivered as an integrated set of web services. When Identity is a core business function, services such as authentication, authorization, personal preference and federated relationships should be services accessible to every business application, whether such applications are provided by the enterprise or by its business partners.
  5. Identity services must be highly available with very low latency. Identity services in an online environment are mission critical. Like we depend on five-nines availability for telephone dialtone and very low latency for telephone call connection, we should expect Identity services to be virtually always available with mimimal impact on the duration of a business transaction.

This is just one example of how modern enterprises are seeking to leverage Identity to enable business success. But I think this company’s model will succeed. It recognizes Identity as a fundamental business asset and Identity Management as an enabler of success. That rings true to me.

PS. How do you represent e-commerce in a picture? I really don’t know, but liked the photo from the Penn State website.

Technorati Tags: ,


One Response to “Secure, Scalable, Low-latency Identity Services”

    An interesting set of assertions. Points 1, 3 and 5 I entirely agree with, however 2 and 4 I’d like to discuss further.

    On point 2, Identity does not, in isolation, “securely protect data”. You need the capabilities of a decent multi-user operating system for that, ideally one which is tested (and certified) to standards which show that an authenticated user is unable to engage in potentially-malicious activity outside the scope of their authorisation profile.

    On point 4, surely Identity is about authentication, authorisation, audit and admin at a system / shell level, as well as a web level?

    Comment by Dave Walker on January 11, 2007 at 6:26 am

Copyright © 2005-2016, Mark G. Dixon. All Rights Reserved.
Powered by WordPress.