Whether we deal with consumers, partners or employees within Identity Management, it all comes down to the relations the digital identity has. Most current IDM solutions are still driven by attributes and roles: if a matching role or attribute is assigned, access is granted (or a specific process is triggered). This works fine with a reasonable number of attributes and roles, but will fail in a mesh of connections to smart devices, things or other related entities which might need to be enabled to act on behalf of the digital identity.
Attribute- or role-based management of identities is like cinema in 2D: it lacks depth (and profundity). A more complete picture is available as soon as we embrace all the related and connected entities (people, jobs, roles, departments, time zones, things, current context), maybe even in a transitional manner.
A relationship can carry much more information than an attribute or a role, and combined with a semantic definition of the entities we would be able to build a truly 'smart' system, which can handle 'Things' rather than 'Strings'.
The case study
Our case study will describe an early IDM system driven by relations, which was already implemented in 2008 at a large customer site. During the current re-design phase we are evaluating new processes, paradigms and technologies to build a smarter IDM.
Key Takeaways: