What Is IDM

What is Identity Management#

Before we can really define IDM, we should define Identity.#

If we said we do "Waste Management" it is pretty evident what we do. We collect garbage. We can easily figure this out as we all know what "Waste" denotes.

However, if you Google identity, you will get a Movie first. Wikipedia shows nothing that really relates to our interest.

The Open Group's Identity Management Forum [1] quotes from the family therapist Salvador Minuchin whom defined identity as "The human experience of identity has two elements: a sense of belonging and a sense of being separate."

Phillip Windley has a book Digital Identity and Wikipedia has some very relevant information on that subject.

I like these. But there needs to be more. Identities even digital identities may not be just persons.

Higgins uses the term Digital Subject and defines it as "Has zero or more Identity Attributes"

By now we should have a good idea as to an what an Identity is as it relates to our context.

IDM - You can't Touch it.#

Every organization does Identity Management. Some do it by filling out forms or sending emails or making phone calls.

Usually when someone implies they are setting up Identity Management, they are applying automation to Identity Management.

IDM is not a product you can sell. IDM is a process of managing digital subjects.

However, Identity management is much more clouded as many of the product vendors want to sell you a product. If the vendors sold you a product that did manage digital subjects, you would probably not be very impressed. As it is not very useful to simple add, delete and modify digital subjects within a data store. You would probably want to do something with these digital subjects that are in your data store.

IDM, by itself is not sexy and so it does not sell well.

Make it Sexy#

The vendor's then throw all the sexy items in to get your attention:
  • Provisioning
  • Password Management
  • Synchronization
  • Role Based Access Control (RBAC)
  • and I am sure we have all heard many others.

Identity Management (IDM) is such a broad subject that we will limit the discussion to Managing Digital Subjects within an Organization which may be referred to as a private Domain.

The purpose of the limitation is to exclude the complexities of dealing with the WEB context of entities but we will see several analogies to WEB contexts even within the organization.

For Our Discussions today we will not be so formal and will try to utilize the "vendor-sexy" definition which includes at least provisioning, password management and synchronization.

For technical types this seems to be the best definition: Identity management is the management of Digital Subjects throughout the life cycle of Digital Subjects.

More Information#

There might be more information for this subject on one of the following: