It requires a consistent reorientation and adjustment of current technologies and methods to meet the upcoming challenges of Identity Management.
Identity and Access Management (IAM) and its ‘sister discipline’ Identity Access Governance (IAG) are an integral part of the IT infrastructure in medium and large businesses. These systems manage internal user accounts for employees, system administrators and partners. Increasingly, the access rights and accounts of customers and suppliers are brought into an IAM-compliant view as well.
The application spectrum of IAM/IAG will expand even further in the coming years. Specifically, the emergence of the ‘Internet of Things’ would make it necessary to include “things” in the scope of IAM/IAG systems, because these elements often act on the user's behalf, or in direct relation with the user.
Today’s IAM/IAG systems and processes are mostly not designed to meet those expected and anticipated requirements.
Identity management involves defining what users can do on the network and IT systems with specific devices and services, and under what circumstances. Today, such access and accounting policies, which drive the IAM system processes and workflows that assign and provision authorizations, are defined in machine-optimized policy languages. These policies originate, however, with the business, which states them in natural language. They have to be translated into a technical representation, which requires close collaboration between the business teams requesting them and the technical teams implementing them.
In much the same way, the communication between participating systems needs translation, as those systems most often do not speak the same ‘language’. Even standard concepts and ideas are represented differently in connected systems.
Limitations of current IAM Systems
Current IAM systems have limitations with respect to a number of functions required for modern, future-ready management of digital identities of any kind. Innovative approaches are necessary to take IAM/IAG to a new level and meet the demands of the 21st century.
Some of these limitations and required improvements include:
- Cross System Policy Management
- Modern Back-end Systems
- Complete Master Data Management
- Semantic capabilities
- Handling of Entities vs. Identities
- Modular vs. Monolith architectures
- Concepts of Authorization and Obligation
- Rapid Deployment Scenarios
Semantic Entity Management
An Identity and Access Management System ready for the upcoming challenges needs to be able to manage any type of entity, regardless of whether it is a user, a device or a lightbulb. It needs to understand the linkages and interactions between these entities: it needs to be able to differentiate between a ‘string’ and a ‘thing’ and really understand their relation.
In a white paper, WedaCon Informationstechnologien GmbH introduces the latest development of an Entity Relationship Management System. The system's new feature consistently manages and displays all types of entities and their connections to each other, based on semantic and ontology approaches.
To learn more about Entity Relationships, join us at IDM Europe, taking place on Wednesday, 8th 2017 at Mövenpick Amsterdam, or visit http://www.wedacon.net/semantic-entity-management.