
Exploring the science and magic of Identity and Access Management

No problem can be solved from the same consciousness that created it. — Albert Einstein

Tuesday, April 28, 2015

Tony Robbins: Finding Your True Identity

Author: Mark Dixon
Thursday, August 1, 2013
5:01 pm



A link to an uplifting post by Tony Robbins caught my eye this morning – a post about Identity, but not about the digital type – about how we define ourselves.  I was inspired by these words from the post, “The Meaning of Life: Finding your True Identity:”

People have enormous capabilities beyond what’s thought to be possible. The power to tap into our tremendous potential comes from our identity: how we define ourselves, and what we believe we can achieve.

Six “Key Principles of Identity” are proposed:

  1. Identity is the most important power that determines our actions.
  2. Once we know who we are, we must learn to be ourselves.
  3. Sometimes, people maintain the illusion that their behavior decides who they really are.
  4. When you take responsibility, you restore your identity.
  5. The fastest way to expand our identity is to do something that’s inconsistent with our current self-image.
  6. Our personal identities are in a constant state of evolution.

Knowing who I am is foundational for my life. I really believe that.


Everything We Own, But Nobody We Know

Author: Mark Dixon
Friday, July 19, 2013
4:20 pm



Today I had a very thought-provoking Twitter exchange. It started when I read the article, “GE just invented the first ‘internet of things’ device you’ll actually want to own.” Rather than tweeting the title of that article, I chose to quote a phrase deep in the article:

“pretty soon just about everything we own will have some degree of self-awareness” http://t.co/ZtySg70wMf #IoT

Quite quickly, I received two responses, which were really from the same person. Paul Roberts, tweeting both from his personal account @paulfroberts and his professional account @securityledger, responded: 

@mgd “everything we own” but nobody we know, unfortunately! ;-)

Could it be that as we instrument our lives more completely in order to connect more efficiently with THINGS, we lose touch with PEOPLE we know?

It is ironic that rather than having this discussion face to face with anyone I know, I am sequestered in my home office communicating virtually with folks in cyberspace.  Am I really IN TOUCH more, or progressively OUT OF TOUCH?

Somehow, I believe we can achieve balance in all of this – seeking to capture the good in IoT and virtual connections while not abandoning the real-world relationships we hold dear.



The Irony of Innovation at the Edge

Cloud Computing, Identity, Internet of Things
Author: Mark Dixon
Wednesday, June 5, 2013
5:17 pm


Oh, the irony of our crazy industry!  Back in 2009, I blogged about a book entitled, “The Big Switch:  Re-wiring the World, from Edison to Google,” by Nicholas Carr.  This book proposed that the shift from traditional data center computing to a utility-based computing model will follow the same general trend that electricity generation followed – from a model of each individual factory maintaining its own electricity generation capability to our current utility-based electricity generation and grid delivery model. 

Today I read an intriguing article, “What’s threatening utilities: Innovation at the edge of the grid,” which proposed:

… utilities are structured to treat electricity as a commodity, produced in central power plants and delivered to consumers over long distances in a one-way transaction, with price and reliability of supply the sole concerns.  None of that is working anymore. Lots of forces are conspiring to put the current arrangement under stress, but the most important, in my mind, is a wave of innovation on the “distribution edge” of the grid.


Just think … at the same time as utility-style cloud computing is being hyped as the greatest trend in technology, the electrical utility industry is being decentralized to accommodate both generation and consumption at the edge!

One thing is certain.  Wait a few years and things will change some more!


Google Mobile Backend Starter: AuthN and AuthZ in the Cloud

Author: Mark Dixon
Monday, June 3, 2013
6:39 pm


Of the many articles I read today, which one piqued my interest the most? “Google Launches Mobile Backend Starter, A One-Click Deployable Cloud Backend For Android Apps.”

Mobile Backend Starter provides developers with a one-click deployable mobile backend and a client-side framework for Android that provides them with storage services, access to Google Cloud Messaging, continuous queries and Google’s authentication and authorization features. (emphasis mine)



Why is this important?  I can think of at least 4 reasons:

  1. If this is the easiest way for developers to embed authentication and authorization functionality into their apps, guess which method they will choose?
  2. If it is easy to exploit back end services from mobile apps, emerging apps will all be richer in functionality and content, because app developers will focus on real application innovation, rather than re-inventing the AuthN/AuthZ wheel.
  3. Google’s quest to become Identity Provider for the world just took a big step forward.  If app developers can easily rely on Google AuthN/AuthZ, other companies that aspire to be IDPs will be playing catch up.
  4. This pattern of easy-to-use backend infrastructure available to developers could revolutionize application development as we know it – not just mobile apps.

The obvious question is “where are you, Apple?”  But a bigger question is for all of us engaged in enterprise IAM, “how will we quickly adapt to this model?”


Siloed Apps and the Internet of Things

Identity, Internet of Things
Author: Mark Dixon
Friday, May 24, 2013
11:16 am



Paul Madsen posted an excellent article today, “Identity, Application Models and the Internet of Things,” recommending that the prevailing application development model move back to the browser and away from native apps.  He references another excellent article by Scott Jenson, “Mobile Apps Must Die,” which holds that because we use so many native mobile apps, they are “becoming too much trouble to organize and maintain,” and that the native app model, “just can’t take advantage of new opportunities.”

Paul observed how, with the prevailing native app model, the “Internet of things would push us to have 1000s of native applications on our devices, but that would place a completely unrealistic management burden on the User.”

I agree that managing large numbers of apps is becoming very burdensome and counterproductive. Each airline I fly has its own app. Each store I frequent has its own app.  I have apps upon apps upon apps.

I propose, however, that just focusing back on browser apps doesn’t completely solve the problem, particularly with the Internet of Things.  A big problem is the narrow siloed focus of so many apps.

I recently bought a Fitbit device to track all the steps I take and stairs I climb.  It is a nice little device that syncs automatically with an app on my iPhone.  I can also use that app to record food I eat and water I drink along with the automatic recording of steps and stairs.  

However, the app covers only a fairly narrow silo of functionality. If I want to record other vital statistics (e.g., blood pressure or blood glucose), it takes another app. If I want to record my workout at the gym with any degree of granularity, it takes another app. Of course, every app has a different concept of my identity. Not good.

Paul’s discussion of an app to monitor his toaster begs the question – why should I have an app (either web or otherwise) for every device in my house? Doesn’t it make more sense to have a “home management” app that accommodates toasters, fridges, thermostats, smoke alarms or whatever other Internet connected things may be available?

I propose that we need a new app paradigm that retains the great user interface characteristics of native apps, the “just in time” model of discovery and use that Paul and Scott recommend, coupled with a more integrated approach to solving real life, but more complex use cases.



Diagram: Identity is the New Perimeter

Identity, Information Security
Author: Mark Dixon
Wednesday, May 22, 2013
7:39 am


I like the diagram Mark O’Neill of Vordel put in a recent post, “Identity is the New Perimeter.” That phrase has been floating around for some time, but I think this diagram illustrates the concept in the simplest, clearest way I have seen:


The article does a good job of describing this new way of looking at security.  As Mark mentioned in the post, Bill Gates once said, “security should be based on policy, not topology.”


#IoT, Big Data and Authenticity

Identity, Information Security, Internet of Things
Author: Mark Dixon
Tuesday, May 21, 2013
8:41 pm


Today, I read an interesting white paper, “Big Data in M2M: Tipping Points and Subnets of Things,” published by Machina Research. From the introduction:

This White Paper focuses on three hot topics in the TMT space currently: Big Data and the ‘Internet of Things’, both examined through the prism of machine-to-machine communications. We have grouped these concepts together, since Big Data analytics within M2M really only exists within the context of heterogeneous information sources which can be combined for analysis. And, in many ways, the Internet of Things can be defined in those exact same terms: as a network of heterogeneous devices.

The white paper does a good job of exploring the emerging trends of the Internet of Things, potential business opportunities and challenges faced.

As one could expect, “authenticity and security of different kinds of data,” was identified as a big challenge:

Big Data is about “mashing up” data from multiple sources, and delivering significant insights from the data. It is the combination of data from within the enterprise, from openly available data (for example, data made available by government agencies), from data communities, and from social media. And with every different source of data arises the issues of authenticity and security. Machina Research predicts that as a result of the need for data verification, enterprises will have a greater inclination to process internal and open (government) data prior to mashing-up with social media.

The following diagram shows the increased security risk as more data from external sources is collected and analyzed.


This is yet another indicator of how Identity and Access Management will be critical in the successful evolution of the Internet of Things.


Enabling Collaboration with Social BPM

Author: Mark Dixon
Thursday, May 16, 2013
10:15 am



This morning, I read a recent Oracle White Paper entitled, “Transforming Customer Experience: The Convergence of Social, Mobile and Business Process Management.” It gave an interesting perspective on the blending of emerging paradigms – mobile and social – with the older discipline of Business Process Management.

To stay ahead in today’s rapidly changing business environment, organizations need agile business processes that allow them to adapt quickly to evolving markets, customer needs, policies, regulations, and business models. … Social and mobile business models have already contributed important new frameworks for collaboration and information sharing in the enterprise. While these technologies are still in a nascent state, BPM and service oriented architecture (SOA) solutions are well established, providing a history of clear and complementary benefits.

The key is effectively leveraging the strengths of existing, proven architectures while taking advantage of new opportunities:

The term “Social BPM” is sometimes used to describe the use of social tools and techniques in business process improvement efforts. Social BPM helps eliminate barriers between decision makers and the people affected by their decisions. These tools facilitate communication that companies can leverage to improve business processes. Social BPM enables collaboration in the context of BPM and adds the richness of modern social communication tools.

… Social BPM increases business value by extracting information from enterprise systems and using it within social networks. Meanwhile, social technologies permit employees to utilize feedback from social networks to improve business processes.

I found one use case presented in the paper to be particularly instructive. As illustrated in the following diagram,

A claims management system assigns a task to an individual claims worker with the expectation that the user will complete the task to advance the process. Of course, to accomplish this type of knowledge-based task, the individual must often engage other people within the business.


However, Social BPM enables the use of social networking tools to extend collaboration beyond the traditional enterprise boundaries, as shown in the following diagram:


Not only can internal knowledge workers use social networking tools to find each other and share information, but also customers can interact with the process at specific steps, using mobile devices, to supply their own information into a business process. For example, a customer involved in an auto accident might upload photos taken with a cell phone into the process via a claims management app provided by the insurance company.

In order to make this all work, participants will need to use both enterprise and social identity credentials. Because they are using mobile devices, the IAM system must accommodate mobile, social and cloud infrastructures in order to effectively use information. This is very much in line with the principles set forth in the Gartner Nexus I addressed yesterday.


Gartner: The Nexus of Forces – Social, Mobile, Cloud and Information

Author: Mark Dixon
Wednesday, May 15, 2013
3:58 pm



Today I read a year-old document published by Gartner, entitled, “The Nexus of Forces: Social, Mobile, Cloud and Information.”  It explains the interaction among these market forces better than any single document I have read:

Research over the past several years has identified the independent evolution of four powerful forces: social, mobile, cloud and information. As a result of consumerization and the ubiquity of connected smart devices, people’s behavior has caused a convergence of these forces.

In the Nexus of Forces, information is the context for delivering enhanced social and mobile experiences. Mobile devices are a platform for effective social networking and new ways of work. Social links people to their work and each other in new and unexpected ways. Cloud enables delivery of information and functionality to users and systems. The forces of the Nexus are intertwined to create a user-driven ecosystem of modern computing. (my emphasis added)

Excerpts from Gartner’s treatment of each of these areas include:


Social is one of the most compelling examples of how consumerization drives enterprise IT practices. It’s hard to think of an activity that is more personal than sharing comments, links and recommendations with friends. Nonetheless, enterprises were quick to see the potential benefits. Comments and recommendations don’t have to be among friends about last night’s game or which shoes to buy; they can also be among colleagues about progress of a project or which supplier provides good value. Consumer vendors were even quicker to see the influence — for good or ill — of friends sharing recommendations on what to buy.


Mobile computing is forcing the biggest change to the way people live since the automobile. And like the automotive revolution, there are many secondary impacts. It changes where people can work. It changes how they spend their day. Mass adoption forces new infrastructure. It spawns new businesses. And it threatens the status quo.


Cloud computing represents the glue for all the forces of the Nexus. It is the model for delivery of whatever computing resources are needed and for activities that grow out of such delivery. Without cloud computing, social interactions would have no place to happen at scale, mobile access would fail to be able to connect to a wide variety of data and functions, and information would be still stuck inside internal systems.


Developing a discipline of innovation through information enables organizations to respond to environmental, customer, employee or product changes as they occur. It will enable companies to leap ahead of their competition in operational or business performance.

Gartner’s conclusion offers this challenge:

The combination of pervasive mobility, near-ubiquitous connectivity, industrial compute services, and information access decreases the gap between idea and action. To take advantage of the Nexus of Forces and respond effectively, organizations must face the challenges of modernizing their systems, skills and mind-sets. Organizations that ignore the Nexus of Forces will be displaced by those that can move into the opportunity space more quickly — and the pace is accelerating.

So, what does this mean for Identity and Access Management?  Just a few thoughts:

  1. While “Social Identity” and “Enterprise Identity” are often now considered separately, I expect that there will be a convergence, or at least a close interoperation of, the two areas. The boundaries between work and personal life are being eroded, with work becoming more of an activity and less of a place.  The challenge of enabling and protecting the convergence of social and enterprise identities has huge security and privacy implications. 
  2. We cannot just focus on solving the IAM challenges of premise-based systems.  IAM strategies must accommodate cloud-based and premise-based systems as an integrated whole.  Addressing one without the other ignores the reality of the modern information landscape.
  3. Mobile devices, not desktop systems, comprise the new majority of user information tools. IAM systems must address the fact that a person may have multiple devices and provide uniform means for addressing things like authentication, authorization, entitlement provisioning, etc. for use across a wide variety of devices.
  4. We must improve our abilities to leverage the use of the huge amounts of information generated by mobile/social/cloud platforms, while protecting the privacy of users and the intellectual property rights of enterprises.
  5. Emerging new computing paradigms designed to accommodate these converging forces, such as personal clouds, will require built-in, scalable, secure IAM infrastructure.
  6. The Gartner Nexus doesn’t explicitly address the emergence of the Internet of Things, but IoT fits well within this overall structure.  The scope of IAM must expand to not only address the rapid growth of mobile computing devices, but the bigger virtual explosion of connected devices.

We live in an interesting time. The pace of technological and social change is accelerating. Wrestling with and resolving IAM challenges across this rapidly changing landscape is critical to efforts to not only cope with but leverage new opportunities caused by these transformative forces.


Humanoid Robot in Space

Identity, Space Travel
Author: Mark Dixon
Friday, May 10, 2013
9:22 am


In the NASA photo below, Expedition 35 Flight Engineer Chris Cassidy has a few light moments with the Robonaut 2 in the Destiny Laboratory onboard the Earth-orbiting International Space Station.

Robonaut 2, or R2, is a dexterous humanoid robot built and designed at NASA Johnson Space Center in Houston, Texas. Sent to the International Space Station in 2011 with the intention of aiding astronauts on dangerous tasks and freeing them from some of the more mundane work, upgrades to the R2 system continue to produce novel advances in the field of robotics.

IronMan he isn’t, but it’s fun to see advances in robotic technology. And even robots have identity.


Copyright © 2005-2013, Mark G. Dixon. All Rights Reserved.