What is Identity and Access Management?

Online identity is what I've been building my career on (career phase II), and it is high time I say a bit about what this is. In its most essential form, identity and access management is all about logging on. Whenever you log in to a computer, you are taking part in a small ceremony of telling a computer who you are. There are many ways of doing this; using a username and a password is the most common.

There are some problems with doing things this way, and they can be fixed. Allow me to focus a bit on what might be problematic for you.

1) People forget passwords. It happens all the time, after all, how could you be expected to remember the hundreds of passwords you might have? But why do we have hundreds of passwords? Many people instead have one or two passwords they use everywhere. But what if you give that password away to someone you now wish you hadn't, or what if that password is stolen? It doesn't have to be this way, we don't have to have hundreds of passwords.

2) People move. Changing your address shouldn't be so hard, and your address is certainly a part of your identity. Some people also change their names but still want their old identities to be tied to their new name, for example when they get married.

3) You cannot revoke information once you've given it away. But you should be able to. There is no workable legal framework for doing this today, without spending a lot of time and money.

These are some of the big issues in the identity space. There are another set of big issues if your perspective is one of website operator, such as a bank.

So, this is identity and access management. All of the technology, protocols, and conventions around getting computers to recognize who someone is and managing the information needed to do that.