"Many of the technical choices we’re about to make will be strikingly political.
Who has access to what data?
Where is the line between human choice and machine intelligence?
Why is one computer architecture better than another?
These decisions—and the people who make them—will determine power’s new aspects."
"The Seventh Sense: Power, Fortune, and Survival in the Age of Networks"
I was mesmerised when I read this.
Started to frantically search the author name - Joshua Cooper Ramo.
No he is not an IDAM Architect. The book is not even about IDAM.
But it cuts to the core of what I do for my living and many many others as well.
What a powerful thought:
Identity will be at the heart of power structures of the future.
Hold it for a moment.
What about me? What about my identity? Those are all valid questions to ask in this context.
Unwind to Sep 19 2016 when my friend Steve jokingly asked me:
"where is your blog? where is your thought leadership? where is our industry headed in 3-5 years?"
I have responded with a tint of self defence and what I thought would be a future in my humble opinion:
"Steve common man if I could predict the future would I be joking around.
I would probably work for Elon and make big bucks :)
Having said that the future will be that everyone will own and manage their own identity.
John Lennon style - 'Power to the People' (P2P :)
It will be P2P (person 2 person) and
You will be able to decide who, when and how can access your identity.
The identity will be stored in the Cloud but managed and owned by oneself.
Interactions will be kinda like Oauth 2 and will originate at the source of Identity - YOU"
Now least I knew that many many other people in my industry sensed that.
The future is already here:
(Lets just mentioned some of the initiatives to make the picture clearer)
Kantara Initiave - User Managed Access.
Blockchain - Consensys, Microsoft Azure Blockchain as a Service, Ethereum
OpenID Connect and Oauth 2
Now it makes perfect sense. Why wouldn't you own your own identity (no pun intended :)
When you get hired you can bring it along (similar to BYO in the restaraunt)
so the HR can verify who you are.
When you go to the doctor you bring it along as well - etc. etc. etc.
You own your own identity and the rest just temporarily access it to verify who you are
and then make a link to it without permanently storing your identity information anywhere.
Blockchain to keep track and store records in the Cloud? Perharps.
OIDC and Oauth 2 to access your identity and allow you Web SSO to many services? Perhaps.
Secure exchange of money and anything else one desires between different parties? Perhaps.
As I have said earlier if only I could predict the future.
These are just my thoughts.
One thing for sure is that the entire IDAM architectural landscape has changed.
This will affect every aspect of IDAM - identity, access, priviliged accounts, privacy etc
The Future of IDAM is here, bright and it is about my, yours and our future!
PS. The ink barely dried out on this blog entry as I have learnt that another data breach occured
http://www.bbc.com/news/technology-40331215
with 'Personal details of nearly 200 million US citizens exposed'
In the article Privacy International's policy officer Frederike Kaltheuner has echoed my thoughts:
"You should be in charge of what is happening to your data, who can use it and for what purposes."
Let's watch this space.