A long time ago, identity management and access control, when they were present, were functions embedded in applications in a customized, proprietary manner; their implementation was never the product of an approach that took into account the corporate application environment. For some time now, there has been a general awareness of IAM (1.0), a system comprising various—now almost traditional—components: repositories or directories; administration and provisioning; and access control with strong authentication, web access and federation.
This is all changing with IAM 2.0, which is characterized by a more user-centric management (Web 2.0) and greater respect for privacy; the use of virtual repositories or directories that mask a physical repository or data format; and flexible authentication based on risk and a more granular management of resources, roles and privileges.
In the future, however, IAM 3.0 promises a much more intelligent management of access and identity that will consolidate the premises of IAM 2.0, but also enhance them with semantic technologies (Web 3.0) in which context-awareness will be extremely important. Users will have multiple partial identities (attributes) that can be added using semantic languages and vocabularies such as FOAF, and selected intelligently according to the context. Semantic repositories and/or identity knowledge-bases will be used and, as well as featuring flexible and adaptable authentication, it will be possible to control access via inference and reasoning, taking into account the identity information, the resource and the context in which the access is made.
IAM 3.0 promises to be an expert and intelligent system in which mobility and ubiquity will finally be a reality.
Defining an architecture for the complete management of digital identity
Today, most entities have multiple digital identities that they use in different contexts (e-banking, e-government, e-business, social networking, etc.). This is not necessarily a bad thing, as—for privacy reasons—it is probably better to not use the same digital identity in all contexts. Your bank account number, for example, is a relevant identity attribute for the bank that lets you access your account online, but not for identity profiles you use for participating in discussion forums or networking portals.
User-centric identity control via Information Cards
Information Cards (also known as i-cards or InfoCards) are the digital equivalent of physical identification documents such as driver's licenses, bank cards and loyalty cards.