"Another challenge is that identity data is typically decentralized. The
Department of Motor Vehicles issues drivers licenses, for example, while
the Department of Homeland Security issues passports, banks track
financial histories, and so on. Most of these organizations have
isolated and centralized identity management systems, but the current
landscape demands federation and single sign-on (SSO). This makes identity management, protection and verification very cumbersome, costly and risky for all industry enterprises and government agencies."
Jai Singh Arun - Security and Blockchain Innovations Program Director, IBM
The identity architecture landscape is changing, and personally I can only think of this very simple analogy between identities and blockchain.
Identities are to the blockchain what bees are to honey.
This is so simple that even your grandma would understand :)
Bees (identities) spend all day collecting honey somewhere in the fields.
Coming back to their beehive colony (a permission-based blockchain distributed ledger), they decide how much honey to contribute to the overall beehive. Once they put their honey in, it becomes an irreversible and immutable transaction. So all the bees in the colony contribute to the honey collection (the blockchain :) ). The honey grows drop by drop, just like the blockchain grows block by block.
From the perspective of the beekeeper (the book-keeper in the blockchain ledger), the bees' identities are irrelevant, as he/she is only interested in the final product - honey.
Bees do care about their own identities, as only workers are allowed to contribute (permission-based).
It is a beautiful system, and everything is organised and ordered nicely.
Now, why is this better than the current approach to IDAM?
Simple to see and understand:
1. Identity Services sprawl
IDAM vendor proliferation stands in the way of a standard, unified approach to identity and access management.
Ask yourself a simple question: How many IDAM vendors are out there? Each has a separate product, approach and roadmap. How many identity silos are out there, as each company has different products in its production stack? Each vendor touts its own product's superiority :)
(Children playing in the sandpit with their toy trucks. Mine is better than yours....)
Of course, a lot of innovation came out of the competition, and we would not be here if not for the vendors - Oracle, SailPoint, CA, IBM, RSA, Dell, NetIQ, Okta, Centrify, CyberArk - to name a few (the list is pretty long).
2. Identity Data sprawl
Ask yourself: "How many identity silos is my own identity part of?"
"Do you have any control over who, when and how accesses your identity data?"
Everyone wants your Social Security Number, right? Your Driver Licence number, and the list goes on and on...
Ask yourself how many high-profile identity data breaches there were in the past few years and how many innocent identities were stolen. A few CEOs lost their jobs along the way as well.
And how many of the breaches were not reported for fear of bad publicity etc. etc.?
3. Identity Standards sprawl
How many identity and access management standards are out there?
Gee, where do I start?
Final thoughts:
These are different times: a centralised approach to identity management systems combined with a decentralised approach to storing the identity data is no longer a viable solution. There is too much residual risk.
In times of microservices, DevOps, serverless backends and cloud SaaS, we can do better.
Blockchain better :)