In the current paradigm of Identity Provider, Credential Provider and Relying Party, the question arises: who cares most about proving the identity of the individual requesting service? The RP must manage their own risks related to identification. But how should this be accomplished? Is it the responsibility of the Identity Provider to establish the uniqueness … Continue reading If it walks like a duck, who cares if it’s actually a killer rabbit?
Author: Andrew Hughes
I am exploring the world of mobile digital credentials and trusted identity information management. The internet is changing as authentic identity becomes engrained in risk management equations for online services. My background is in IT security, identity information management, Government IT and systems thinking. My goal for the moment is to find patterns and order in the chaos as new paradigms and architectures for privacy-protective solutions evolve. It's going to be a wild ride.
The future is now, the past is history
In December, I left my job of 14 years to start on this new path. I have always sought complex, developing, 'frothy' environments to work in - I'm a kind of mental adrenaline junky. I love working in areas where things are still developing, nobody knows which way things will settle out and the arguments … Continue reading The future is now, the past is history
Thoughts on All Things Trusted Identity
Over the last few months, I have been immersed in discussions about trusted online identity. Topics have ranged from the nature of trust frameworks, what identity federations actually communicate with each other, models for components in identity proofing and credential management systems, approaches to citizen-centric services and models for electronic identity information. It has been … Continue reading Thoughts on All Things Trusted Identity
IDIM Musings 