[Log In] []

Exploring the science and magic of Identity and Access Management
Friday, July 19, 2024

Identities and Relationships: Enable and Protect

Author: Mark Dixon
Wednesday, February 13, 2013
3:31 pm


My thoughts for this post were triggered primarily by two items – me beginning to read “Emergence of the Relationship Economy”  and reading Nishant Kauskik’s tweet Monday:

Is Identity The New Perimeter? – http://t.co/gSQwni5d. Check out the article to see my answer. Hint: It might surprise you. #IAM

I was intrigued by the subsequent conversation:

Ian Glazer:  Good read: http://t.co/gVQHy7MI @NishantK says #IAM is the perimeter. I say relationships are the perimeter. Probably ought to blog this

Dave Kearns:  RT @lpeterman: @iglazer @NishantK Relationships designate the borders of the identity perimeter

Nishant: @iglazer If an account being provisioned to a person is a relationship, if attributes are related to a person, then IAM=Relationship M. So..

Nishant:  @iglazer So…, question is what is the difference between Identity Management and Relationship Management? Where is the separation?

Of course, there were also bits of levity:

Paul Madsen: My take? Circumference is the new perimeter.+

Dave Kearns:  RT @NishantK: @iglazer what is the difference between Identity Management and Relationship Management? Oprah’s name doesn’t come up in IdM

First, I agree that from an information security standpoint, the perimeter has drastically shifted. There is no longer a firm physical or logical perimeter around an enterprise that can be hardened sufficiently to minimize risk to the people and systems inside.

To realize that we must focus on the individual rather than the enterprise boundary as a first line of action and defense certainly seems wise to me.

But what is the correct terminology?  is IAM really Relationship Management?  Is Identity the New Perimeter?  Are Relationships at the real border?

Although I am late to the conversation, here are a few of my thoughts on the subject:

A digital Identity represents a single person or thing in some way.  A digital Identity can certainly include attributes or characteristics that uniquely identify such a person or thing.  A digital Identity surely has value and meaning in and of itself.  However, I believe relationships are what give Identities real substance, particularly as we consider the subject in light of current and emerging business models.

Real-world relationships constitutes linkages between individuals, or between individuals and organizations, or between individuals and things. We may describe digital relationships as the attributes, permissions, entitlements and roles that define how digital identities are linked with organizations, people or things in the overall ecosystem in which the identities reside or participate.

So, is it appropriate to talk about “Identity Management” or “Relationship Management?”  I propose that both are included in the common definition of Identity and Access Management.  Surely, IAM includes managing individual digital identities (e.g.- names, attributes, credentials).  However, IAM also includes the management of relationships – assignment of entitlements to an identity is a good example.

However, I think “management” is the term that is out of whack – not identity or relationship.  Management typically implies one way force, control or direction.  This is the case for traditional IAM – the enterprise creates, owns and governs the identities and associated relationships for all of its users.

On the other hand, in the philosophy behind personal identity management implies that each individual should create, owns and governs his or her own Identity free of coercive control from an enterprise.

I don’t think the boundary is as cut and dried as that.  It is helpful to consider what enterprises really want and what individuals really want.  If we look at the issue that way, I think the verbs “enable” and “protect” are more descriptive than “manage.”

As an individual, I want to participate in systems that “enable” me (as defined by my digital identity) to form relationships that deliver value to me.  I also want systems that “protect” both my identity and the relationships I enter against threats from impostors, thieves and vandals.

On the flip side, I think enterprises seek similar value.  They want to “enable” their users (think digital identities) to establish relationships with systems, people and things that will deliver value to the enterprise.  They also want to “protect” the identities and relationships of their users against threats from bad folk.

The CRM/VRM debate is an example of looking at relationships from different viewpoints.  At one extreme is the enterprise wanting to exert onerous control over all its customers to maximize commerce – hence customer managed by enterprises.  At the other extreme is the enlightened consumer wanting to be free from enterprise tyrany – or vendors managed by consumers.

However, the optimal answer probably somewhere on the scale between the extremes.  In both cases, if we concentrate on what both parties really want, we will progress to a more optimum solution.

If we are to progress toward a highly cooperative ecosystem where multiple  relationships deliver superior value as envisioned by “Emergence of the Relationship Economy,” we must build infrastructure to “enable” and “protect” identities and relationships from multiple points of view.


Comments Off on Identities and Relationships: Enable and Protect . Permalink . Trackback URL
WordPress Tags: ,

Comments are closed.

Copyright © 2005-2016, Mark G. Dixon. All Rights Reserved.
Powered by WordPress.