Identity as a Service, with avatars

Identity as a Service, with avatars

Summary: The cloud provides the ability to treat identity management as a service, and treat identities themselves as cloud resources.

TOPICS: Cloud, Security

Can cloud shift control of identity management to the end user, where it ultimately belongs? Possibly, if done right.

That's the word from ZapThink/Dovel's Jason Bloomberg, who points out in a new post that cloud offers new options for identity management. Bloomberg calls for the ability for end-users to have their own avatars, maintained in the cloud, and able to access various services. He calls it "a digital representation of our identity that the user controls for themselves. In other words, something like a digital wallet or key ring that manages PII on behalf of the user."

While such technologies have been around for a while, they have been less than enthusiastically embraced. "Big companies didn’t like the idea of giving their customers control of their own identities," Bloomberg says. Enter the cloud. "What the cloud brings to the table is not just the ability to treat identity management as a service," he says. "It also enables us to treat identities themselves as cloud resources." Here's how it works:

"Let’s take the notion of a user identity – or to be more precise, the user’s avatar – and consider it to be a cloud resource. The user, that is, we can provision such avatars as we see fit. And because they’re in the cloud, they’re location independent. Facebook could use our avatar. Assign it privileges or other properties. Or our bank. Or our employer. But we control it.

"Furthermore, we can choose how we control our Avatar. ... Treating identities as cloud resources can also provide privacy boundaries. For example, I might instruct my avatar to provide my Social Security Number to my bank and the IRS, but not to Facebook. And of course, one of the primary benefits of this approach is that I can maintain my personal information in a single place. If I move, I notify my avatar, and everyone I’ve authorized to see my address automatically gets the update."

(Photo: Joe McKendrick.)

Topics: Cloud, Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


1 comment
Log in or register to join the discussion
  • Companies trust cloud ID management... why?

    Sounds like my netid protocol, though these days I can start calling it a "cloud-based -as-a-service". That reads nicely but the article doesn't explain what about the cloud makes businesses suddenly okay about giving control of peoples' identities back to them.