Blog

In a user-centric approach of identity management the identity model can be fairly simple. Two people interact and it's enough to know "something" about the user. Enough to recognize him or her the next time he or she arrives at the service in question.
However when of organizations and business processes interact and intersect in real life business situations and applications are using identities as a core ”vehicle” and mechanism for setting up business process cooperation, then the simplest models come short and will just not deliver enough to do the job.
Hence, there is a need for a better mechanism and better frameworks. Frameworks that take into account that organizations are different and processes are different. Despite that, the diverse and different organizations need to interact and cooperate and the framework should support and enable it. The cooperation might be targeted to setup a new joint-service as a result of a strategic business decision in two or several companies. Or, it might be an ad-hoc situation of organizations that need to create an ad-hoc organization for a certain time-frame.
In Ubisecure we have called it business-oriented IAM. In a joint European co-operation project Role-ID (www.roleid.org) we have called it organization-oriented identity management. The two names reflect basically the same core understanding: the interaction in business and operational use cases is demanding and requires well-focused mechanisms to allow seamless business and operational interaction. In Role-ID the focus was on critical processes, such as public safety, which has made the effort ever so challenging - and hence satisfying to solve.