"Federated identity service and directory based on virtualization means forming trust." Don Graham, Radiant Logic
Don Graham appears in today’s episode. Don is the Director of Sales for Radiant Logic. The four words that distill the discussion are “Digital Transformation, Identity Transformation.”
After interviewing hundreds of leaders in the area of federal information technology, a reasonable person would conclude that there is a tremendous transition from relying on firewalls and encryption to relying on identity management. This is probably a result of the failure of traditional technologies to protect federal assets.
During the interview, Don Graham gives an overview of how identity management has evolved. Microsoft probably started it all off with Active Directory, paralleled by the Lightweight Directory Access Protocol (LDAP). This worked until systems had to be integrated into clouds. Then we saw cloud directories and separate databases for, let’s say, human resources.
In a perfect world, these systems could be integrated. However, we have to worry about people moving from agency to agency, people leaving the government altogether, contractors, hybrid clouds, and new compliance requirements. All this makes identity management a world-class headache.
Don suggests that moving from role-based access control (RBAC) to attribute-based access control (ABAC) will allow users to accomplish the task of identity management in an effective manner. This process is normally structured around something called a Federated Identity Service (the confusing acronym FID).
This approach will allow federal information professionals to control authentication as well as authorization – the keys to enabling the zero-trust concept.
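To make the RBAC-to-ABAC shift concrete, here is an added example (it is not code from the episode or from Radiant Logic's product) that merges attributes from three constructed identity sources into one virtual identity and then compares a group-only RBAC decision with an attribute-based one. The source names, attribute names, user records and policy rules are all assumptions made up for illustration; the point they show is that a user who still sits in the right group can be denied once HR status, agency, contract end date or MFA enrolment are taken into account.

```python
"""
Added example, not from the podcast or Radiant Logic: a minimal
federated identity view plus an attribute-based access decision.

Assumptions (all constructed for illustration):
  - three identity sources (AD-style directory, HR database, cloud
    directory) are represented as in-memory dicts;
  - the policy rules, attribute names and user records are made up.
"""
from datetime import date

# Constructed sample sources. In a real deployment these would be
# LDAP/AD, an HR system of record and a cloud directory.
AD_DIRECTORY = {
    "jdoe":   {"groups": ["Finance-Admins"], "agency": "Treasury"},
    "asmith": {"groups": ["Finance-Admins"], "agency": "Treasury"},
    "bjones": {"groups": ["Finance-Admins"], "agency": "Treasury"},  # stale value
}
HR_DATABASE = {
    "jdoe":   {"employment": "employee", "agency": "Treasury", "status": "active"},
    "asmith": {"employment": "contractor", "agency": "Treasury",
               "status": "active", "contract_end": date(2023, 12, 31)},
    "bjones": {"employment": "employee", "agency": "Interior", "status": "active"},
}
CLOUD_DIRECTORY = {
    "jdoe":   {"mfa_enrolled": True},
    "asmith": {"mfa_enrolled": True},
    "bjones": {"mfa_enrolled": False},
}

# Constructed evaluation date so the example is deterministic.
TODAY = date(2024, 3, 1)


def virtual_identity(user_id):
    """Merge attributes from all sources into one view (the federated
    identity service idea). HR is merged last and so acts as the system
    of record for agency: a stale AD value cannot override it."""
    merged = {}
    for source in (AD_DIRECTORY, CLOUD_DIRECTORY, HR_DATABASE):
        merged.update(source.get(user_id, {}))
    return merged


def rbac_decision(user_id):
    """Role-based: directory group membership alone grants access."""
    return "Finance-Admins" in AD_DIRECTORY.get(user_id, {}).get("groups", [])


def abac_decision(user_id, resource_agency, today):
    """Attribute-based: group membership is necessary but not sufficient.
    Returns (allowed, reason) after checking the merged attributes for
    HR status, agency, contractor end date and MFA enrolment."""
    ident = virtual_identity(user_id)
    if "Finance-Admins" not in ident.get("groups", []):
        return False, "not in required group"
    if ident.get("status") != "active":
        return False, "HR status not active"
    if ident.get("agency") != resource_agency:
        return False, "agency mismatch (user moved agencies)"
    end = ident.get("contract_end")
    if ident.get("employment") == "contractor" and end and end < today:
        return False, "contractor engagement ended"
    if not ident.get("mfa_enrolled"):
        return False, "MFA not enrolled"
    return True, "all attribute checks passed"


if __name__ == "__main__":
    for uid in ("jdoe", "asmith", "bjones"):
        print(uid, "RBAC:", rbac_decision(uid),
              "ABAC:", abac_decision(uid, "Treasury", TODAY))
```

Running the block shows all three users passing the RBAC check, while ABAC denies the contractor whose engagement has ended and the employee whose HR record says they moved to another agency even though the AD group still lists them. Which source is merged last decides which value wins on a conflict, which is the kind of precedence rule a federated identity service has to make explicit.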