2016 is drawing to an end, the goose is getting fat, the lights and decorations are adorning many a fire place and other such cold weather cliches. However, the attention must turn back to identity management and what the future may or may not hold.
Digital identity or consumer based identity and access management (CIAM) has taken a few big steps forward in the last 2 years. Numerous industry analysts, aka Gartner, Forrester and Kuppinger Cole, have carved out CIAM as a new sub topic of IAM, that requires its own market and vendor analysis. I think this is a valuable process, as CIAM projects tend to have very different requirements and implementation steps to traditional internal or employee based IAM.
From a predictions perspective, I see the following top 5 topics becoming key components of any digital identity platform for the next 12-18 months.
1 – Device Pairing Becomes a Base Requirement for IoT
2 – OAuth2 Token Protection Becomes Mainstream
3 – Social Signup Default
The flip side of using a 3rd party, is that you have to trust their vetting, registration and data storage capabilities. Social networks are notorious for the having fake accounts, or accounts that no longer map into the correct owner. If you are a service provider leveraging social sign in, your applications and data assurance standards need to align and add extra levels of assurance or verification as necessary.
4 – Push Authentication Default
5 – Stateless Tokens & Micro-services a Match Made in Heaven
Interesting to see where we are come this time 2017…
This blog post was first published @ www.infosecprofessional.com, included here with permission.