Industry View

Your Identity: "Costanza Style"

Your identity, like an overcrowded wallet, is ready to burst. David Miller, chief security officer for Covisint, tells us how to solve the problem

By David Miller, CSO, Covisint

Page 4

The financial industry virtually eliminated the credit identity problem overnight with a simple 2' x 3' piece of plastic mixed with a boatload of trust and the willingness to solve a previously unsolved problem. Prior to BankAmericard, there just weren't many good, efficient, universally accepted and secure options for handling large amounts of transactions other than with cash.

Historical precedent, historical solution

Interestingly enough, Covisint, my company, already solves the identity problem for healthcare, manufacturing and other industries in much the same way that credit card companies eliminated the identity headache for the world's retailers.

In healthcare, Covisint now links physicians from entire states onto its platform, enabling the secure sharing of information and access to applications: All highly dependent upon a secure, federated identity model.

In manufacturing, Covisint became the electronic, global funnel through which orders were processed, parts were shipped, inventories were tracked and transactions were processed between major companies and their suppliers.

Regardless of industry, the common identity denominator to Covisint's success is that anywhere where large amounts of sensitive data needed to be securely shared, the Covisint collaboration platform fit nicely. The key to it all working was the identity and federation piece. Without that type of security figured out, the entire system would crash like a house of cards. Federation-in-the-cloud was the answer then, and it will be the answer to identities in the future.

Federation is defined as the ability to make identity portable. With identities, federation enables the concept of an "identity broker': A third-party, trusted and secure source that is independent of both parties transacting business.

The Next Identity Model

This new way of managing identities is what I call "The Next Identity Model," and it turns the current and archaic identity model on its head by divorcing oneâ¬"s identity from the data.

Confused? Don't be. Soon, In the Next Identity Model, consumers and businesses alike will align with an identity broker to ensure the validity of each other in a transaction.

Think of it this way: your identity, often one of many username and password combinations today, is tied to each site you visit, each transaction you make. The Next Identity Model dictates that your identity will live outside of any site, any transaction, and become a thing of value, an actual asset, unto itself.

Think also of what happened in the banking industry. In the past, people had to physically walk into their specific bank to obtain cash. Today, with ATMs, all one need do is, with a simple four-digit number and a piece of plastic, prove their identity from virtually any point on the globe. Armed with this proof, the bank follows the bank customer, instead of the other way around. Unlike with the early years of credit, the ATM user is not required to carry scores of different money machine cards. The identity of the ATM holder, the bank customer, is divorced form the bank that originally issued the ATM card.

Identity management

RESOURCE CENTER
Loading...
VIRTUAL CONFERENCE
Security Directions: A Virtual Conference

Security Directions Available On Demand Sept. 30 - Dec. 30

Join us for a virtual event with candid, expert information on top security challenges and issues - all from the comfort of your desktop.

» Register Now

WEBCAST
Protecting PII: How to Work with IT to Manage Risk

Compuware Understand the critical nature of the test data privacy problem and get tips on how to work with IT to implement a test data privacy program.

» View this Webcast

Featured Sponsors