innovative technology services
What is Access and Identity Management?
We are all familiar with creating accounts and using usernames and passwords to access websites that offer a service that we want to use. The information you enter and is stored represents your 'digital identity' as an individual and the username and password are a means of validating (or authenticating) that the person providing these credentials is the owner of that digital identity.
The growth in scale of the web as a means of delivering electronic services has lead to an increasing importance of our digital identities, including our rights and entitlements to online and real-world services.
The value of the online and real services that such digital identities provide access to, continues to increase, making identities more valuable and identity theft (the use of identity information by someone other than its owner) a serious social and technological issue.
Whilst tightly intertwined, access and identity management can be understood to deal with these issues but from the perspectives of the identity owner, and those who manage user identity data, and those who rely on it in to provide their services:
- Access Management - restricting access to valuable services to those who are entitled to use them
- Identity Management - protecting valuable identity information and managing its provision to enable access to services
These issues, whilst manageable in relatively closed, limited environments, become particularly problematic for users and organisations alike as the scale of users and services grow - as has been the case with the growth of the web. In particular, it is far from easy for users to maintain digital identities (often via a number of accounts) with increasing numbers of service providers making accessing them far from easy.
Technical solutions have been in existence for some time. Eduserv's Athens service was developed in the 1990s and still provides learners and researchers with a single 'digital identity' to access electronic resources for which their organisation (university, college, employer etc.) has paid. However, the emergence of the vast array of other services that now exists on the web and the vast numbers of users accessing them has lead to a range of initiatives to add access and identity management to the underpinning structure of web technology.
There are two distinct approaches to these technology initiatives - usually referred to as federated and user-centric identity management - and both, along with the use of trusted intermediaries, have their merits.
Eduserv's access and identity management solutions, therefore, seek to maximise the benefits of a flexible approach that is capable of supporting both the existing and emerging open and industry standards. This is embodied in the principles used to develop the OpenAthens framework of products and services.
