This chapter presents a few scenarios to demonstrate the fact that identity management is employed in many aspects of our daily activities and gives a brief history of Identity and Access Management, showing our readers how the Internet has prompted identity problems. The author will discuss some of the challenges exemplified by some scenarios such as passwords, biometrics, social identity, and identity mobility.
TopA Brief History Of Identity And Access Management
In the physical world, a person is a human social entity who has a name, lives in a physical address, with accessible home or mobile phones, and uses services provided by the government as well as financial institutions. When that person is starting to use applications on the Internet such as Facebook and Google+, that person starts to build up the digital identity profile with a variety of online organisations.
A typical online user may hold multiple accounts with different service providers such as Gmail, Hotmail, etc. This is a common scenario for a typical online user’s digital profile may consists of multiple email addresses and multiple digital identities held with different application providers on the Internet. The person may use multiple mobile devices with multiple online accounts and a large number of online transaction histories held with different service providers.
Using passwords to identify the legitimacy of a person’s access to protected resources has long been established. Watchword is a word or short phrase to be communicated, on challenge, to a sentinel or guard in the military. Ancient Roman military uses watchwords as a sign of recognition among members of the same Roman military tribune. The use of watchwords in military use evolved to include not just a word or phrase, but a challenge and a response pair. In the Second World War, paratroopers of the U.S. used the challenge and response style of identification (changed every 3 days).
Passwords have been used with computers since the early days of computing. In 1961, the Compatible Time-Sharing System (CTSS) at the Massachusetts Institute of Technology used user-id and password to establish personal access into the system so as to accommodate multiple users sharing the same Central Processing Unit (CPU) simultaneously using separate consoles. The goal is to set up multiple terminals that can be used by multiple persons but with each person having his own private set of system resources.
When a person wants to use the service of a particular provider, he or she is required to enter a valid password as a proof of identity to the service provider. This is to help keep the provider secure from unauthorised access. Most service providers require their users to follow basic rules when choosing their password to ensure that it cannot be easily compromised, for example:
- •
The password may need to be of a minimum length;
- •
The password may need to contain a specific number of or special characters;
- •
The password may need to be different from previous passwords that have been used before; and
- •
The password may need to be changed at a regular interval.
Contemporary IAM solutions have been developed by vendors such as Oracle, Microsoft, IBM, etc. These commercial identity management systems provide application and platform specific identity and access control functionality, by aggregating identity-related information from multiple data-sources. The primary goal of these enterprise identity management systems is to provide organisations with a unified view of a user's/resources identity in a heterogeneous enterprise IT environment.
According to Lasance (2013), the term ‘Meta Directory’ was first introduced by a company called Zoomit Corporation which was subsequently acquired by Microsoft in 1999. The managing director of Zoomit, Kim Cameron, became Microsoft’s chief architect for identity and privacy.