Minimum definition of identity
By saragates on May 26, 2006
I was at an event recently that Sun hosted with PWC and a number of top companies that we are working with in the Pacific Northwest. Several people were asking me about living in Austin, and one of the gentleman asked me for my opinion of Vince Young. I told him, "I don't know who that is." It was one of those moments (much like the old EF Hutton commercials -- however people were not hanging on my every word for insight but rather fell silent as they waited for me to either tell them I was joking or to let their horror unfold). Apparently this was especially surprising given that I live outside of Austin, Texas. Anyway, I did not know who Vince Young was.
This got me thinking about identity (well, just about everything gets me thinking about identity) and the set of attributes that make up an identity. We are having a lot of conversations with customers these days about "minimum authorized access" as a definition of identity as companies leverage identity management to help with security and compliance demands. Other days, when we are talking with companies who are using identity management for customer-facing application to drive service levels up and to establish trust, we talk about "maximum allowed access" as the definition of their identity. The interesting thing is, there is no difference between "minimum allowed" and "maximum allowed." It's all the same -- or it should be.
As you go through life, there are people you know, hobbies you enjoy, authors you read, things you care about that are part of your identity at that moment in time. These change. Things fall away, new things come online. The same is true of a network identity. Your role changes, responsibilities get added, projects end and our identity unfolds over time. There is no real need for maximum or minimum definitions, only the need for accuracy at the moment. As the edge becomes the new core, identity management and user-centric computing will increasingly offer this real-time definition of "who are you and what are you allowed to do" across buildings, network access, applications and data.
Now I sort-of know who Vince Young is, and while this story has become part of my identity, at least for a little while, knowledge of and an opinion on this gentleman has not.