Most of current work in the space of Identity Management is around “operational” identity management, i.e. systems and solutions providing security control points to be deployed within an IT infrastructure.
In addition, IdM solutions in the space of “compliance management” will also have to come to terms with the current shift towards “risk management”, where decision makers/CISOs/CIOs are more and more heavily scrutinising their security investments and making their investment bets based on priorities and actual risks.
I believe that an important “next step” in the Identity Management space is going to be towards “Identity Analytics” and related “Identity Risk Management”.
Here are a few interesting research questions in the “Identity Analytics” space:
- What are the basic principles that underpin and characterize enterprise’s identity & privacy management processes (and related human behaviors) and their impact on organizations?
- How to abstract them with models and ways to generate predictions (e.g. with simulation tools) that can be leveraged by decision makers/CISOs/CIOs?
- How to enable decision makers/CISOs/CIOs to better understand (in advance) the impact and implications of their decisions in terms of security risks, costs and potential losses, impact on reputation, etc.?
--- NOTE: use this mirror blog to post anonymous (un-authenticated) comments ---
Information disclosed in this community becomes public.
Exercise caution when deciding to disclose your personal information.
HP reserves the right, but is not obligated to, edit or remove your comment if it contains personally identifiable information or other content HP deems unacceptable.
Opinions expressed are your personal opinions or those of the original authors, and not of HP.
Please see HP's web Terms of Use for more details.
