Courion Corporation

The evolution of managed user access

Tweet

 

The Kantara Initiative is a professional organization dedicated to bridging and harmonizing the identity community with actions that will help ensure secure, identity-based on-line interactions while preventing misuse of personal information so that networks will become privacy protecting and more natively trustworthy environments.

The User Managed Access (UMA) working group at Kantara is working on defining protocols that give end users control over their online data. Looking back, it’s hard to believe how far we’ve come.

During the early days of Courion, when we were promoting the industry’s first self-service password management solution, we had a lot of IT personnel telling us that there was no way they would ever allow workers to reset their own passwords. Things have changed quite a bit, and today it’s a common occurrence in the enterprise and on the Internet.

I'm starting to see more awareness in my family and friends who are beginning to think about what they're sharing and what access they’re granting to their information. You really want to have an understanding of what's being shared when you connect an application to Facebook, or when you download an application to your mobile phone.

Think about how many times you (the Authorizing User) are using services from Site A (requesting party) and it asks for your permission to access information (protected resource) on Site B (the host). How do you, as an end user (the Authorizing User), authorize and control this access? Is it a one-time grant, or does it persist for some period of time?

I think it's interesting how we, as consumers, are taking on tasks and responsibilities that have previously typically required 'experts.' With advancing technology, simpler interfaces, and a little education, we are now doing things ourselves that in years past required an expert such as:

 • publishing documents, images, music and videos

 • booking travel

 • printing tickets

Back in the early days of the telephone industry, operators were needed to make connections for the caller. At the pace the industry and telephone usage were growing, it was predicted that more operators were needed than there were citizens in the U.S.! And some amount of training was required in order to become an operator.

Fast forward to today. We've all become our own 'experts' and can perform the 'operator' function -- looking up information and placing our own calls – without a second thought.

With all of the technology we use in our personal and professional lives, and kids using iPads and iPhones before they can even read, who knows what’s next. Before we know it, we’ll be own security admins!