Identity is a socially and historically constructed concept. We learn about our own identity and the identity of others through interactions with family, peers, organizations, institutions, media and other connections we make in our everyday life. Key facets of identity - like gender, social class, age, sexual orientation, race and ethnicity, religion, age, and disability - play significant roles in determining how we understand and experience the world, as well as shaping the types of opportunities and challenges we face. Social and cultural identity is also inextricably linked to issues of power, value systems, and ideology.
At the most basic level, however, identity refers to how people answer the question, “Who are you?”, a question that remains one of the most important questions that most people will ever face. We can ask it of ourselves and of others. In fact, We can face it as individuals and as members of social groups or categories. Sometimes, we may consider explicitly: “Who am I?”; “Who are we?”. And for as long as humanity has existed, we have adapted means of cultural, individual, and social identification `throughout history.
The definition of identity also stems from its usage. Identity is any set of characteristics that define a person and can be used to uniquely identify that person. A person’s identity is made up of their own character combined with their family and social roots.
The set of characteristics are decided by a legitimate issuing authority, most commonly federal or governments or their subsidiaries and any institutions, and may vary from one issuing authority to another. The purpose, though, is common throughout.
WHAT IS DIGITAL IDENTITY?
Several definitions of the term ‘digital identity’, from different perspectives, have appeared in several scholarly types of research. A simple definition is related to one of identity. Thus, identity is defined as a collection of data about a subject that represent attributes, preferences, and traits, so in parallel, in the digital world, a person’s identity is typically referred to as their digital identity. The term ‘digital identity’ has emerged through the evolution of the Internet. Wherever we go, we leave traces of fragmented information about our identity.
Digital identity mechanisms offer the promise of greater efficiency, security, and trust across industries and entities. From the provision of financial services to the government-issued identification, digital identity enables transactions for the movement of people, funds, goods, data, and other resources. Just as instances of digital identity are fragmented, there are a number of different definitions for digital identity across human, legal entities and devices and “things” depending on context and industry.
Digital identity is now often used in ways that require data about persons stored in computer systems to be linked to their civil, or national, identities. Furthermore, the use of digital identities is now so widespread that many discussions refer to “digital identity” as the entire collection of information generated by a person’s online activity. This includes usernames and passwords, online search activities, birth date, social security, and purchasing history. Especially where that information is publicly available and not anonymized, and can be used by others to discover that person’s civic identity. In this wider sense, a digital identity is a version, or facet, of a person’s social identity.
Whilst the benefits of social identities means better usability (fewer passwords, login and registration steps, improved and easy support) and improved intelligence (which make it easier to use these OTT solutions), there are disadvantages concerning privacy or identity theft. This, in turn, is leading to hybrid models which link digital identities generated by service providers with the identities that users provide.
This need, together with the emergence of federated identity management, has given rise to complex scenarios in which identity management is carried out in a fragmented and adaptable way. This fragmentation means that now whoever issues and validates the credentials of a digital identity does not necessarily have to be the owner of the resource. This means being able to provide identity, as well as its management, as a service (IDaaS).
DIGITAL IDENTITY: IDENTITY AS A SERVICE (IDaaS)
The decision to embrace Identity and Access Management as a Service (IDaaS), or cloud-based identity and access management, is a wise choice. IDaaS boosts the digital enterprise’s ability to address governance, employee satisfaction and IT operational efficiency issues while providing opportunities for enhanced agility and workforce productivity. The right IDaaS choice can cut operational costs, reduce risk and save time. However, choosing the ideal solution calls for careful consideration of several key elements: How deep is the provisioning? How easy is it to delegate? And how effectively does the solution accommodate the hybrid enterprise environment?
IDaaS solutions have been around for some time, but until recently, primarily focused on federated single sign-on (SSO) to SaaS applications. While federation for SaaS applications is a good first step for improving the user experience, large enterprises demand more mature solutions that can meet their requirements around security and compliance, and handle the complex challenges of hybrid environments that encompass both legacy on-premises applications as well as new SaaS applications.
IDaaS can play a key role in helping organizations reap the benefits of the hybrid enterprise environment. The right IDaaS solution can lead to the right balance among security, agility and user experience across the hybrid environment. And can provide the workforce with a consumer-grade user experience across on-premises and cloud-based applications: frictionless yet integrated. At the same time, an optimal IDaaS solution empowers the actual owners of the applications (often LOB owners) to move quickly and adopt the applications they need—without waiting for IT. Plus, app owners can easily and securely provide the necessary authentication, access, and entitlements.
HOW IDaaS HELPS
With the evolution of the Internet and its ever-increasing use by individuals, organizations are managing sensitive information of millions of individuals on an online basis. Access to such sensitive details has to be provided and controlled with the utmost efficiency while protecting and promoting individual privacy.
There is more personal information out there than ever before, and most of it is controlled by others. Increasingly people have little control over their own information. This is the real challenge facing organizations and governments in an era of exponential creation, networking and duplication of data, most of which is identifiable in nature.
Identification requirements are everywhere and increasing. Systems users have multiple identities which need to be managed. In the online digital environment identification demands are becoming more frequent. Increasingly, more and more granular information is being collected about individuals by third parties, and this data is being used in novel ways, for novel purposes – not all of which benefit the individual.
While IDaaS solutions have come a long way in the past three to four years, they generally still lack the broad and deep functionality of an on-premises IAM solution. Many cloud-based IAM solutions offer federated SSO to a broad set of cloud apps and basic provisioning capabilities to only a small subset of the apps. Many on-premises IAM capabilities are not supported with IDaaS, especially for legacy on-premises application integrations. Integration with any on-premises applications, if even possible, often requires difficult customization.
The right IDaaS solution can provide a seamless, consumer-grade interface for users to access all apps, both on-premises and in the cloud. An IDaaS solution shouldn’t put all its emphasis on SaaS applications or positions password vaulting as an alternative to more-secure integrations with on-premises applications. Instead, the IDaaS solution should offer the ability to integrate with on-premises IAM solution to leverage existing investments and provide rapid time-to-value, without compromising security.
The ideal solution provides a true, built-in hybrid approach, with SSO to target SaaS and on-premises applications from a single launch pad. Regardless of whether the application is protected by IDaaS or the on-premises IAM systems, the user experience is seamless. This reduces the administrative burden and avoids duplication of effort in managing application access policies. The ideal IDaaS solution lets admins leverage existing on-premises IAM policies and dynamically evaluates policies, no matter where the applications live, to determine who should get access.