Bees and Honey

"Another challenge is that identity data is typically decentralized. The Department of Motor Vehicles issues drivers licenses, for example, while the Department of Homeland Security issues passports, banks track financial histories, and so on. Most of these organizations have isolated and centralized identity management systems, but the current landscape demands federation and single sign-on (SSO). This makes identity management, protection and verification very cumbersome, costly and risky for all industry enterprises and government agencies."
Jai Singh Arun - Security and Blockchain Innovations Program Director, IBM

The identity architecture landscape is changing, and personally I can only think of this very simple analogy between identities and blockchain.
Identities are to the blockchain what bees are to honey.
This is so simple that even your grandma would understand :)
Bees (identities) spend all day collecting honey somewhere in the fields.
Coming back to their beehive colony (a permission-based blockchain distributed ledger), they decide how much honey to contribute to the overall beehive. Once they put their honey in, it becomes an irreversible and immutable transaction. So all the bees in the colony contribute to the honey collection (blockchain :) The honey grows drop by drop, just like the blockchain grows block by block.
From the perspective of the beekeeper (the book-keeper in the blockchain ledger), the bees' identities are irrelevant, as he/she is only interested in the final product - honey.
Bees do care about their own identities, as only workers are allowed to contribute (permission-based).
It is a beautiful system, and everything is organised and ordered nicely.

Now, why is this better than the current approach to IDAM?
Simple to see and understand:
1. Identity Services sprawl
IDAM vendor proliferation stands in the way of a standard, unified approach to identity and access management.
Ask yourself a simple question: how many IDAM vendors are out there? Each has a separate product, approach and roadmap. How many identity silos are out there, as each company has different products in its production stack? Each vendor touts its own product's superiority :)
(Children playing in the sandpit with their toy trucks. Mine is better than yours....)
Of course, a lot of innovation came out of the competition, and we would not be here if not for the vendors - Oracle, SailPoint, CA, IBM, RSA, Dell, NetIQ, Okta, Centrify, CyberArk - to name a few (the list is pretty long).

2. Identity Data sprawl
Ask yourself: "How many identity silos is my own identity part of?"
"Do you have any control over who, when and how accesses your identity data?"
Everyone wants your Social Security Number, right? Your Driver Licence number, and the list goes on and on...
Ask yourself how many high-profile identity data breaches there were in the past few years and how many innocent identities were stolen. A few CEOs lost their jobs along the way as well.
And how many of the breaches were not reported for fear of bad publicity etc.?

3. Identity Standards sprawl 
How many identity and access management standards are out there?
Gee where do I start?

Final thoughts:
These are different times: a centralised approach to identity management systems with a decentralised approach to storing the identity data is no longer a viable solution. Too much residual risk.
In times of microservices, DevOps, serverless backends and cloud SaaS we can do better.
Blockchain better :)
