The rise of network-based, automated services in the past decade has
definitely changed the way businesses operate, but not always for the
better. Offering services, conducting transactions and moving data on
the Web opens new opportunities, but many CTOs and CIOs are more
concerned with the risks. Like the rulers of medieval cities, they've
adopted a siege mentality, building walls to keep the bad guys out. It
makes for a secure perimeter, but hampers the flow of commerce.
Fortunately, some corporations are beginning to rethink how they provide
security, so that interactions with customers, employees, partners, and
suppliers will be richer and more flexible. Digital Identity explains
how to go about it. This book details an important concept known as
"identity management architecture" (IMA): a method to provide ample
protection while giving good guys access to vital information and
systems. In today's service-oriented economy, digital identity is
everything. IMA is a coherent, enterprise-wide set of standards,
policies, certifications and management activities that enable companies
like yours to manage digital identity effectively--not just as a
security check, but as a way to extend services and pinpoint the needs
of customers.
Author Phil Windley likens IMA to good city planning. Cities define uses
and design standards to ensure that buildings and city services are
consistent and workable. Within that context, individual buildings--or
system architectures--function as part of the overall plan. With
Windley's experience as VP of product development for Excite@Home.com
and CIO of Governor Michael Leavitt's administration in Utah, he
provides a rich, real-world view of the concepts, issues, and
technologies behind identity management architecture.
How does digital identity increase business opportunity? Windley's
favorite example is the ATM machine. With ATMs, banks can now offer
around-the-clock service, serve more customers simultaneously, and do it
in a variety of new locations. This fascinating book shows CIOs, other
IT professionals, product managers, and programmers how security
planning can support business goals and opportunities, rather than
holding them at bay.
