Panel Discussion Managing Digital Identities – Challenges and Opportunities

Abstract

Identity Management (IdM) comes in two dimensions: First, the secure and efficient creation, use, and administration of personal attributes which make up a digital identifier of a human and used in large scale global networks, such as the Internet. Second, as in-house IdM which is a core component of enterprise security management. In this panel we will be focusing on both.

In open networks the major question is how IdM has to be organised to enable efficient user identification (on request) and how it would still be possible at the same time to safeguard privacy by avoiding the scenario of a “transparent system user”. The challenges for global IdM are manifold but linked to a basic trade-off-situation: Service providers will only grant electronic access upon successful authentication of a requester, but at the same time users should be able to protect their privacy and transactions shall not be linkable. In addition, in the wake of terrorist threat, the request for global unique electronic identifiers has gained more popularity than ever.

In-house IdM is influenced by organisational and technical drivers. It deals with the management of digital identities during their lifecycle within organisations. Some years ago, technologies like stand-alone Single-Sign-On modules or meta-directories quite often already were branded with the term IdM. Lately researchers as well as software vendors have realised that companies need more than just technical components to solve their identity chaos: Organisations need a comprehensive IdM Infrastructure, bearing in mind technical as well as organisational aspects. In addition to that, the emerging demand for sharing identity information between organisations results in a greater need for standardized data exchange channels.

For IdM on a global as well as on a local scale many technical, organisational and political questions are still to be solved. Data ownership, compliance with laws and regulations, data privacy issues are examples for questions which need to be faced in an efficient way in the future.