identity management

Identity Management (IDM- enables organizations to facilitate and control their users' access to critical online applications and resources — while protecting confidential personal and business information from unauthorized access.

 Identity management (IdM) has developed several interpretations in the IT industry and is now associated as the management of a user's credentials and how they might log onto an online system. However, this view is quite narrow. The focus on identity management goes back to the development of directories such as X.500 where a namespace is used to hold named objects that represent real life "identified" entities such as countries, organizations, applications, subscribers and devices. X.509 defined certificates that carried identity attributes as two directory names, the certificate subject and the certificate issuer. X.509 certificates and PKI systems are used to prove one's online "identity". Therefore we can consider identity management as the management of information (as held in a directory) that represents real life identified items (users, devices, services, etc). Engineering such systems means that explicit information and identity engineering tasks become necessary.

The evolution of identity management follows the progression of the internet technology closely. In the early 90's when static web pages / portals were the norm, corporation looked into providing informative content such as, an 'white pages' employee web content. Subsequently, as the information changed, due to employee changes, provision, and deprovisioning, the ability to more efficiently allow self service, and help desk update, morphed into what is known as Identity Management today.

h2. Typical identity management functionalities includes the following:

* User information self service - Password reset - Lost password management - Workflows - Provisioning and De-provisioning of identities from resources

Identity management also refers to solving the age old 'N+1' problem - where anytime a new application is added, a new user datastore is created. The ability to centrally manage the provisioning and de-provisioning of identities, and to consolidate the proliferation of identity stores, are all part of the Identity management process.

The term identity engineering is used where one puts engineering effort into managing large numbers of interrelated items that have identifiers or names.

Identiteits Management

Identity management wordt over het algemeen gezien als een concept. Vrijwel iedereen heeft een eigen definitie voor Identity management. In het algemene concept wordt met name gesproken over Bron- en Doelsystemen. De bronsystemen bevatten broninformatie en/of deelinformatie over een digitale identiteit die procesmatig naar andere systemen wordt getransporteerd (provisioning). De meest gebruikte bronsystemen zijn HRM systemen, CRM systemen en andere identiteitbevattende systemen (bijv. Burgeradministraties en bedrijvenadministraties). Digitale identiteit zijn kenmerken van o.a. personen, maar ook van processen. De voordelen van invoering van Identity management zijn legio maar daardoor voor iedereen anders. Vaak wordt identity management ingezet als kostenbesparend middel, voor informatiebeveiliging, auditing en compliancy.

Identity Management wordt vaak in een adem genoemd met Access Management, toegangscontrole. De afkorting IAM, voor Identity and Access Management, wordt dan ook vaak als gespreksonderwerp gebezigd.

Sources and additional materials :
- Kim Cameron's Identity Blog : and specifically about Cardspace
- The Butler Group has developed a number of reports and analysis documents on the concept, the technologies behind it
- A number of LSEC members are experts on Identity & Access Management implementations, products and technologies

LSEC for Security Professionals


LSEC for Security Companies


LSEC for enterprise & government


LSEC for academia & research institutes


Request information about LSEC Membership

Click here

Sign up for our newsletter

Click here

Learn more about current projects & industry collaborations

Click here

Contact us

Click here


Privacy | Disclaimer | Responsible Disclosure Copyright LSEC - Leaders In Security 2002 - 2017 - Kasteelpark 10, 3001 Heverlee - Leuven | tel. +