Identity Management (IdM) has been a serious problem since the establishment of the Internet as a global network used for business and pleasure. Originally identified in a Peter Steiners’ 1993 New Yorker cartoon “On the Internet nobody knows you’re a dog”, the problem is over 15 years old. Yet, little progress has been made towards an optimal solution. In its early stages, IdM was designed to address the problem of controlling access to resources and managing the matching of capabilities with people in well defined situations (e.g., Access Control Lists). In today’s computing environment, IdM involves a variety of user centric, distinct, personal forms of digital identities. Starting with the basics of traditional access control often assimilated to “directory entries” (i.e., ID, password and capability) IdM is generalized to the global networked society we now live in. With the advent Inter-organizational systems (IOS), social networks, e-commerce, m-commerce, service oriented computing and automated agents (such as botnets), the characteristics of IdM evolved to include people, devices, and services. In addition, as the complexity of IdM increases so did related social issues such as legitimacy, authoritativeness, privacy rights, personal information protection as well as broader problems of cyber predators and threats. The tutorial addresses the following IdM topics: history and background (access control), what is IdM, technical challenges, social issues, life cycle, standards, research projects, industry initiatives, paradigms, vendor solutions, implementation challenges, emerging trends, and research concepts.
Hovav, Anat and Berger, Ron, "Identity Management" (2009). AMCIS 2009 Proceedings. 449.