identity mobilized

8/4/2019 Identity Mobilized

http://slidepdf.com/reader/full/identity-mobilized 1/17

Identity: Mobilized

[email protected]

[email protected]

mailto:[email protected]






Today’s Journey

1. The mobile paradigm2. Lessons from the last paradigm shift

3. Mobile identity as paradigm extension• Extend the web - Consumer: Google, facebook

•

Extend enterprise directory: AD, LDAP4. Mobile identity beyond the web• Mobile Virtualization

• Mobile Biometrics

• Near-Field Communications (NFC)

• Mobile Identity Databases (Neustar)5. Mobile identity platform opportunities

• Device-side: Hardware Supplier/OEM, OS/Technology Supplier,

• Cloud side: Operator, Cloud Service Provider

6. Open discussion



The Mobile Paradigm

A device will replace everything in your wallet

• It is your critical communications center

•

It’s a navigation and entertainment center • It knows more about you than your spouse

• It contains your personal and work identities

• It’s not a PC and won’t replace it entirely.

PC-centric solutions won’t define the mobile experience

Did 3270 terminal emulation define the PC experience?



Lessons from the Last Big Paradigm Shift

1. Consumers drive disruptive innovation; enterprise follows later

2. Enterprise-oriented ecosystems appear in the new paradigm3. Eventually the enterprise must adapt or lose competitiveness

4. New market leaders emerge; few old-paradigm leaders survive

5. Value creation and profit shifts toward software and solutions

Central

Computing

Personal

Computing

Mobile

Computing

1.0 2.0 3.0



Drilldown: Mobile Paradigm Changes

Central

Computing

Personal

Computing

Mobile

Computing• Enterprise owns and

controls equipment

• Vendor selection by

enterprise only

•No consumer use

• Complete control of

enterprise data

• Long sales and

deployment cycles

• Duty cycle: 20 years

• Software: build-to-suit

• Locally-oriented

• Equipment owned by

enterprise or consumer

• Vendor selection by

enterprise or consumer

•Limited consumer use of enterprise gear

(and vice-versa)

• Some control of

enterprise data

• Moderate sales

and deployment cycles

• Duty cycle: 10 years

• Software: packaged

• LAN/WAN-oriented

• Equipment more often

consumer-owned (trend)

• Consumer typically drives ve

ndor selection

•Consumer AND enterprise use of same device

• Deep fear of losing control of

enterprise data

• Short sales and

deployment cycles

• Duty cycle: 3 years or less

• Software: cloud/app store

• Cloud-oriented



Mobile Identity as Paradigm Extension

• First attempts to embrace a new paradigm startby extending the old ones

– This doesn’t mean they will or won’t stick

–

New paradigms bring new dynamics into play• Two potential identity Paradigms to extend

– Web-centric identity

• Primarily consumer-oriented, but also SMB

– Enterprise directory-centered identity• Can include web through SAML for example

• Active Directory and LDAP drive PC-centric enterpriseidentity today and are the default places to extend



Extending the Web (Consumer)

• OpenID is a perfect example of something that

translates OK from PC to mobile

• Google takes this further in Android

– identity based on gmail account

• Facebook does this on multiple platforms

– Android also has explicit idendity, synch features

• Both are well-positioned to create broad

consumer mobile identity ecosystems



Extending the Enterprise Directory

• Active Directory has become the default place

for the PC-centric enterprise to store identity

– Microsoft has a huge vested interest in retaining

the enterprise identity store

– Yet Microsoft still sees mobile devices as an

extension of the PC, not part of AD directly

• Alternative: vendor-neutral directory via LDAP



Mobile Identity Beyond the Web

• Most smartphones serve two purposes:

– Consumer device for private life

– Enterprise device for business life

• Mobile identity systems shouldn’t ignore this

• Web-based identity sucks on a mobile device

– Poor usability, passwords less than ideal

– Mobile app paradigm exists outside web

• There must be a better way (and there is)…



Mobile Virtualization

• One device, two (or more) identities

• Ensure privacy in the consumer experience – Keep personal calls and messages private

–

Install consumer applications without restriction – Maintain private personal cellular number

• Protect business data and applications – Bring Your Own Phone (BYOP) to enterprise IT

–

Potential to separate billing for enterprise usage – IT in full control of enterprise OS, apps, network

– Wipe business data without affecting consumer

– Extend enterprise UC services to mobile device



Mobile Biometrics

• Low-cost fingerprint scanner

– Autentec sensor looks like a trackpad or button

– Swipe in any direction, different directions or fingers

for different functions, easy to use – Delivered with the Motorola Atrix

• Voice-based biometrics

– Hands-free biometric easily run in smartphone

– Higher equal-error rate than others (~10%)

• Visual biometrics – facial recognition

• Emerging: electrical field biometrics



Near-Field Communications

What it is: simple information transfer

• Very short range (nearly touching) - contactless card & reader

• Initialization and configuration of other wireless technologiesas needed based on where you are and what you have

Why it’s useful for identity

• Security credential based on where you are and what you have

• Very low power requirements, particularly in passive mode

• Minimal interference with other devices

• Context, based on what you touch or how you gesture.

• Tool for browsing the physical world

• Standardized by NFC Forum (nfc-forum.org), ECMA and ISO/IEC



Mobile Identity Databases (Neustar)

• Neustar keeps a lot of critical databases for bothlandline and wireless service providers

• In some cases these databases are also legally

mandated – E-911 location databases

– Number portability databases

– North American Numbering Plan Assignment (NANPA)

• All mobile device operators send subscriber datato Neustar that links mobile E.164 (telephone)number to subscriber name with network data



Mobile Identity Platform Opportunities

• Mobile platform itself hasn’t got a WinTel

equivalent yet, but a strong contender exists

– Apple iOS platform is playing the Mac-equivalent

– ARM/Android positioning Google to win

– No better alternative is thriving at this point

• Huge push to avoid commoditization on the

device and cloud sides of the equation



Device-Side Opportunities

• Hardware Supplier/OEM

– Hardware to exploit: Multi-core ARM chipsets

with strong security features: ARM A15 with

virtualization extensions, sensors, NFC, etc.

– Smartphone OEM now has many now-cost options to

integrate into their device; “just add software”

• OS/Technology Supplier

– OS mobile identity framework is best included in the OS

– Expose APIs to enterprise app developers to seed market

– Ride the coattails of NFC mobile payments initiatives



Cloud-Side Opportunities

• Operator-based identity services

– Natural extension of existing subscriber identity

– Also a natural adjacency to NFC-based mobile payments

– Could follow consortium model used by ISIS

• Cloud Service Provider: Mobile Identity-Plus

– Standalone mobile identity provider – not so sure

• What would the funding model be?

– Or mobile identity PLUS:

mobile presence aggregation/distribution, or

mobile payments and affinity program tracking, or

mobile social networking services



OPEN DISCUSSION

Thank You

identity mobilized

Documents