Think Tank Methods - Identity and Access Management on the cloud: The Misses!

 

This blog entry required us to choose a technology and trend from the Horizon report to discuss. My Horizon report of choice is about Information Security (Educause, 2021).  And the technology I chose to discuss is Identity and Access Management. In its third annual report on emerging trends in science and technology S and T published by the Army, one of its primary objectives aiming to inform leaders across the U.S. Army and stakeholders in the joint, interagency, and international community on S and T trends likely to influence the future operating environment and shape warfighting capabilities over the next 30 years concludes that more than 100 billion devices will be connected to the Internet by 2045. These include mobile phones and wearable devices, medical devices, electrical appliances, industrial sensors, surveillance cameras, cars, and clothing. (“Emerging science and technology trends: 2016-2045: A synthesis of leading forecasts,” 2016). We can already see how vital Identity and access management are here, which considerably increases potential cybercrime risks.

To effectively manage digital identities, Identity management systems need to combine processes, technologies, and strategies and specify how users use them to access multiple resources through a single sign-on mechanism ensuring better control of the personal data dissemination (Mohamed Dafir Ech-Cherif, 2019). In particular, the current identity management landscape and identity federation realm have end-users select an identity provider (IdP) who provides all user attributes to a service provider (SP) that are required to gain access to protected services (Mohamed Dafir Ech-Cherif, 2019). 

Wouldn't it be super cool to present a novel Access Intelligence approach using AI and ML to selectively enable access to external users who have been successfully authenticated by an IAM system into a tenant, mapping users to specific reports in a self-service cloud reporting platform employing a Bring Your Own Identity concept?

The problem usually is, when managing External Identities, cloud-based IAM solutions and other traditional implementations tend to focus more on how users want to sign in to apps and resources in a tenant. They, however, pay little to no attention to users’ relationship to the tenant organization.

Forces that impact the trend and technology

The first of two forces that seem to impact the trend and technology are technological implications concerning how classic identity management and access control programs are based on a centralized, trusted entity with evolving identity management and access control protocols. The second aspect seems to be temporal, relating to future interactions between Identity Elements.

References

Educause. (2021, February 9). Horizon Reports: Identity and access management. Library | EDUCAUSE. https://library.educause.edu/topics/cybersecurity/identity-and-access-management

Emerging science and technology trends: 2016-2045: A synthesis of leading forecasts. (2016, April 1). DTIC. https://apps.dtic.mil/sti/citations/AD1076894

Msmimart. (2021, July 13). Compare external identities - Azure active directory. Developer tools, technical documentation and coding examples | Microsoft Docs. https://docs.microsoft.com/en-us/azure/active-directory/external-identities/compare-with-b2c

Mohamed Dafir Ech-Cherif, E. L. K. (2019, 2019

2021-07-05). A Hybrid Scheme for an Interoperable Identity Federation System Based on Attribute Aggregation Method. Computers, 8(3), 51. https://doi.org/10.3390/computers8030051

IAM identities (users, user groups, and roles). (n.d.). https://docs.aws.amazon.com/IAM/latest/UserGuide/id.html