Tuesday, February 15, 2005

Laws of identity and workplace tools

Kim Cameron has recently published his 7th law of identity management they are:-
  1. The Law of Control
  2. The Law of Minimal Disclosure
  3. The Law of Fewest Parties
  4. The Law of Directed Identity
  5. The Law of Pluralism
  6. The Law of Human Integration
  7. The Law of Contexts
Kim provides a good summary page if you want to get started on understanding the laws in more detail.

Now reflecting on the 7 laws and where they place us for identity management for workplace technologies.

HRIS systems should be the master source/trigger of an identity for an employee, logically they are the first system to hold information about an new employee, from the recruitment process. From hear we need to build a framework to enable the rest of the organisation and the employee to understand and use this "professional identity". By the very nature of things the HRIS should now hand off the control of the identity to an LDAP environment. However the HRIS still retains control of the people data associated with that employee, not the LDAP environment.

Why is this so? If the employee moves positions in the organisation this should be facilitated by an online self service solution in which the HRIS is the first system to know about the change and as such the information can now be transferred to LDAP. However this now begins to move out of the identity management area and into data management.

Personally the laws make sense to me and I will be interested to see how/if the laws impact the market and how long it takes for solutions to appear.

I have moved from this site to my new home which can be found a www.specht.com.au

posted by mspecht @ 2/15/2005 09:13:00 am   |