The conference this year will have a particular focus on Trust, which the Oxford English Dictionary primarily defines as a “Firm belief in the reliability, truth, or ability of someone or something; confidence or faith in a person or thing, or in an attribute of a person or thing.”

Questions of trust lie at the very foundation of our identity systems.  We trust standards bodies to develop protocols that will be useful, practical and secure.  We trust developers and vendors to build products, solutions and services that will implement those standards in performant, scalable and extensible ways.  We trust providers to deliver robust services that we and our customers can rely on.   We trust executives to listen and to support and fund the crucial work that we do.  And, of course, we develop and implement mitigations in case our trust is misplaced.

But trust is broader than this; and trust goes both ways.  As consumers and as citizens, we would like to trust that organisations won’t collect information they don’t need; that they will handle that data safely and properly; that they will keep pace with rapidly evolving best-practices in identity, security and privacy.  A world in which that trust is not assured is an uncomfortable world at best; and many people today live, work or interact in circumstances which are not inherently trustworthy. 

The OED has a secondary definition of Trust.  “To take on (also upon) trust (formerly also †to take up in (also upon) trust  †to receive in trust and variants): to believe or accept a statement, story, etc., without seeking verification or evidence for it.” (Emphasis added).  

Over the past 24 months, we’ve seen an explosion in digital identity assurance and verification programs.  Mobile drivers’ licenses, COVID and other healthcare passes and certificates, digital boarding cards, facial recognition for age verification and in-store check-out… the list is long, and it is growing.  As a result, we’re also seeing an explosion of interest in governance and interoperability within and between use-cases and sectors: trust frameworks, attribute mapping and matching, account linking and more besides.

These advances hold great promise to make our lives more efficient and connected; to reduce friction, and fraud, and risk.  But a balance is needed, too.  Trust is a fragile thing—hard to gain, easy to lose, difficult to rebuild.  Organisations and institutions must take care not to overstep the bounds of our trust, lest they lose our engagement and, in the end, our support.

Trust is an important topic, but it’s certainly not the only issue of note in the industry!  The topic focus each year for Identiverse infuses but does not dictate the agenda and the event.  New and emerging standards and architectures; deployment stories and leading practices; identity for connected devices; new approaches to privacy, security, devops, engineering; sector-specific identity practices in healthcare, manufacturing, government, education, financial services and more; and specific identity-related disciplines like CIAM, auth’n, auth’z, self-sovereign, IGA…. That list barely scratches the surface: and your proposals on these and many other topics will inform and contribute to the agenda.

This year’s content committee and I look forward to seeing your proposals; and I trust that we’ll be able to get together in person in Denver in June.

Andrew Hindle

Independent Consultant, Board Member IDPro

Andrew is an independent consultant specialising in digital identity, cyber security and privacy. He is a founding member, and Chair of the Board, of IDPro; he participates as a voting member of the User Managed Access Working Group at Kantara; and he is an active member of the Open Identity Foundation (OIDF).  Since 2015, he has been Content Chair for Identiverse®. Andrew has over 20 years experience in the software industry in a range of technical sales, pre-sales, product marketing and business development roles. He maintains CIPP/E, CIPM and CIPT privacy certifications with the IAPP; a CIDPRO certification from IDPro; and holds a BA in Oriental Studies (Japanese) from Oxford University and an advanced professional diploma in corporate governance. Outside of the world of identity, Andrew is Chair of Trustees for his local scouting group, rides regularly with a local road cycling group, and plays keyboard, guitar and bassoon (not at the same time) with more enthusiasm than skill, and for an audience of one. Andrew is based in the UK.

The post Identiverse® 2022 appeared first on IDPro.

Last month, we sat down with Heather Flanagan, Body of Knowledge Editor for IDPro. This month, as we continue our series of posts “Getting to Know IDPro,” we interviewed George Dobbs, Board Member and Chairman of the IDPro Body of Knowledge Committee. George shared his experience in the identity industry, why IDPro is so important to the ecosystem, and much more.

IDPro: Can you share a bit about yourself and how you got involved in the identity industry?

George: I took a math major in college and got an opportunity to work on computing jobs for the school administration. It was remote computing in the sense of dial-up with an acoustic modem.  That led to a job with a company that sold computing time with a similar set up. Back then, companies would pay high fees to get access to storage and computing. When microprocessors became powerful enough for basic tasks, there was a demand for the skills needed to set up basic computing tasks based on such devices as the TRS-80 and eventually the first IBM PC. After a  five-year stint as self-employed, I moved to an insurance company where I got involved with local area networking (LAN). Novell Netware 2.x was all the rage at that time and that was my first exposure to digital identity. As the 80’s turned into the 90’s, the bindery turned into a directory. In the 90’s the Novell packet technology and directory were overtaken with TCP/IP and Microsoft’s Active directory. I got involved then setting up gateways and firewalls. Eventually it came time to have customer and agent logins to websites. This was a new use-case that gave me the opportunity to design and build and as I moved on to another company, there was a reprise of the project. At a third company the same need came around again, but by the 2010’s the nature of the project was heavily influenced by defensive needs; financial institutions, through the internet, had become regular targets for fraud.  

IDPro: What brought you to IDPro and what prompted you to join the organization?

George: I first got involved with others in the identity space with the Network Application Consortium in the late 90’s. That’s where I first heard of the Jericho project and the concept of identity as the new perimeter. I think the concept was done a disservice by the terrible name – “boundaryless computing” – that someone came up with, but the idea was prescient. Boundaries and zones remain part of the toolkit but identity has become a key aspect of security. So when I heard Ian and Sarah call those at the Cloud Identity Summit to action, I figured the need for protection from fraud and other attacks is a good reason for collective action, so I joined IDPro.

IDPro: Can you explain your role in IDPro?

George: I’ve been a board member since the first board was seated. It seemed clear that the most important thing to take on was the Body of Knowledge so I helped by framing how that would work in our organization and forming a committee of which I have been the only chair to date. We drafted a “table of contents” and defined a process to find and select the Principal Editor which was accomplished about 18 months ago when we found Heather. Heather has met and exceeded our expectations, so my role has changed from first mover to something more akin to guide or coach.

IDPro: Why do you think IDPro is important for the identity industry and ecosystem? 

George: My first response is that the very notion of an identity industry is only now being incorporated into mainstream thinking. In the past, if it was thought of at all, it was as part of the “information security” domain. There have been many attempts to improve the identity landscape over the years but what IDPro attempts to provide is a big tent into which all sorts of topics and roles relating to the identity industry can fit and be knit together. Hopefully this allows players from government, industry, education and even concerned citizens, to provide foundational knowledge for the next generation and – perhaps more importantly – provide guidance to society as a whole as we move more fully into the inevitably digital future.

The post Getting to Know IDPro appeared first on IDPro.