Identity Mobilized
andy-zmolek -
Transcript of Identity Mobilized
8/4/2019 Identity Mobilized
http://slidepdf.com/reader/full/identity-mobilized 1/17
Identity: Mobilized
Today’s Journey
1. The mobile paradigm
2. Lessons from the last paradigm shift
3. Mobile identity as paradigm extension
• Extend the web - Consumer: Google, Facebook
• Extend enterprise directory: AD, LDAP
4. Mobile identity beyond the web
• Mobile Virtualization
• Mobile Biometrics
• Near-Field Communications (NFC)
• Mobile Identity Databases (Neustar)
5. Mobile identity platform opportunities
• Device-side: Hardware Supplier/OEM, OS/Technology Supplier
• Cloud side: Operator, Cloud Service Provider
6. Open discussion
The Mobile Paradigm
A device will replace everything in your wallet
• It is your critical communications center
• It’s a navigation and entertainment center
• It knows more about you than your spouse
• It contains your personal and work identities
• It’s not a PC and won’t replace it entirely.
PC-centric solutions won’t define the mobile experience
Did 3270 terminal emulation define the PC experience?
Lessons from the Last Big Paradigm Shift
1. Consumers drive disruptive innovation; enterprise follows later
2. Enterprise-oriented ecosystems appear in the new paradigm
3. Eventually the enterprise must adapt or lose competitiveness
4. New market leaders emerge; few old-paradigm leaders survive
5. Value creation and profit shifts toward software and solutions
Central Computing (1.0), Personal Computing (2.0), Mobile Computing (3.0)
Drilldown: Mobile Paradigm Changes
Central Computing
• Enterprise owns and controls equipment
• Vendor selection by enterprise only
• No consumer use
• Complete control of enterprise data
• Long sales and deployment cycles
• Duty cycle: 20 years
• Software: build-to-suit
• Locally-oriented
Personal Computing
• Equipment owned by enterprise or consumer
• Vendor selection by enterprise or consumer
• Limited consumer use of enterprise gear (and vice-versa)
• Some control of enterprise data
• Moderate sales and deployment cycles
• Duty cycle: 10 years
• Software: packaged
• LAN/WAN-oriented
Mobile Computing
• Equipment more often consumer-owned (trend)
• Consumer typically drives vendor selection
• Consumer AND enterprise use of same device
• Deep fear of losing control of enterprise data
• Short sales and deployment cycles
• Duty cycle: 3 years or less
• Software: cloud/app store
• Cloud-oriented
Mobile Identity as Paradigm Extension
• First attempts to embrace a new paradigm start by extending the old ones
– This doesn’t mean they will or won’t stick
– New paradigms bring new dynamics into play
• Two potential identity paradigms to extend
– Web-centric identity
• Primarily consumer-oriented, but also SMB
– Enterprise directory-centered identity
• Can include web through SAML for example
• Active Directory and LDAP drive PC-centric enterprise identity today and are the default places to extend
Extending the Web (Consumer)
• OpenID is a perfect example of something that
translates OK from PC to mobile
• Google takes this further in Android
– Identity based on Gmail account
• Facebook does this on multiple platforms
– Android also has explicit identity, synch features
• Both are well-positioned to create broad
consumer mobile identity ecosystems
Extending the Enterprise Directory
• Active Directory has become the default place
for the PC-centric enterprise to store identity
– Microsoft has a huge vested interest in retaining
the enterprise identity store
– Yet Microsoft still sees mobile devices as an
extension of the PC, not part of AD directly
• Alternative: vendor-neutral directory via LDAP
Mobile Identity Beyond the Web
• Most smartphones serve two purposes:
– Consumer device for private life
– Enterprise device for business life
• Mobile identity systems shouldn’t ignore this
• Web-based identity sucks on a mobile device
– Poor usability, passwords less than ideal
– Mobile app paradigm exists outside web
• There must be a better way (and there is)…
Mobile Virtualization
• One device, two (or more) identities
• Ensure privacy in the consumer experience
– Keep personal calls and messages private
– Install consumer applications without restriction
– Maintain private personal cellular number
• Protect business data and applications
– Bring Your Own Phone (BYOP) to enterprise IT
– Potential to separate billing for enterprise usage
– IT in full control of enterprise OS, apps, network
– Wipe business data without affecting consumer
– Extend enterprise UC services to mobile device
Mobile Biometrics
• Low-cost fingerprint scanner
– AuthenTec sensor looks like a trackpad or button
– Swipe in any direction, different directions or fingers for different functions, easy to use
– Delivered with the Motorola Atrix
• Voice-based biometrics
– Hands-free biometric easily run in smartphone
– Higher equal-error rate than others (~10%)
• Visual biometrics – facial recognition
• Emerging: electrical field biometrics
Near-Field Communications
What it is: simple information transfer
• Very short range (nearly touching) - contactless card & reader
• Initialization and configuration of other wireless technologies as needed based on where you are and what you have
Why it’s useful for identity
• Security credential based on where you are and what you have
• Very low power requirements, particularly in passive mode
• Minimal interference with other devices
• Context, based on what you touch or how you gesture.
• Tool for browsing the physical world
• Standardized by NFC Forum (nfc-forum.org), ECMA and ISO/IEC
Mobile Identity Databases (Neustar)
• Neustar keeps a lot of critical databases for both landline and wireless service providers
• In some cases these databases are also legally mandated
– E-911 location databases
– Number portability databases
– North American Numbering Plan Assignment (NANPA)
• All mobile device operators send subscriber data to Neustar that links mobile E.164 (telephone) number to subscriber name with network data
Mobile Identity Platform Opportunities
• Mobile platform itself hasn’t got a WinTel
equivalent yet, but a strong contender exists
– Apple iOS platform is playing the Mac-equivalent
– ARM/Android positioning Google to win
– No better alternative is thriving at this point
• Huge push to avoid commoditization on the
device and cloud sides of the equation
Device-Side Opportunities
• Hardware Supplier/OEM
– Hardware to exploit: Multi-core ARM chipsets
with strong security features: ARM A15 with
virtualization extensions, sensors, NFC, etc.
– Smartphone OEM now has many low-cost options to
integrate into their device; “just add software”
• OS/Technology Supplier
– OS mobile identity framework is best included in the OS
– Expose APIs to enterprise app developers to seed market
– Ride the coattails of NFC mobile payments initiatives
Cloud-Side Opportunities
• Operator-based identity services
– Natural extension of existing subscriber identity
– Also a natural adjacency to NFC-based mobile payments
– Could follow consortium model used by ISIS
• Cloud Service Provider: Mobile Identity-Plus
– Standalone mobile identity provider – not so sure
• What would the funding model be?
– Or mobile identity PLUS:
mobile presence aggregation/distribution, or
mobile payments and affinity program tracking, or
mobile social networking services
OPEN DISCUSSION
Thank You