Commentary by Mark Wahl, CISA
Organizing principles for identity systems:
Digital ID World opening keynote (20070924)
At the DIDW conference (DIDW2007, co-hosted by CSO), Phil Becker in his opening keynote discusses his "three waves of digital identity in the enterprise":
- the first wave (past): location, as determined by physical presence-based security and private networks, is an implicit "proxy" for security, and identity is submerged in email address books and networks,
- the second wave (present): the growth of public networking decreases the capability of location to be used to provide security, but identity transforms security from a "siege mentality" to "allow access by authorized users", and with digital identity adding stronger authentication and providing increased visibility for meeting compliance requirements, and starts to enable end-user self-service, and
- the third wave (future): drivers of promiscous interconnection of networks and self-service lead to interconnections of identity systems and drives the use of managed but decentralized digital identities to support new experience-driven applications.