Identity management (IdM) plays a critical role in the functionality, security, and user experience of web applications and content management systems.. Especially in the Federal realm, IdM can be complex, with a variety of sometimes conflicting standards, regulations, and responsibilities to consider. This session will examine the technical, administrative, and legal components of identity and related concepts, including Identity, Credential, and Access Management (ICAM), Identity Lifecycle Management (ILM), and Identity and Access Management (IAM). We will define the major processes of IdM and discuss the tools and techniques available with Drupal to support them. Topics covered will include Identity stores, federated identity and Single Sign-On (SSO), identity assurance and proofing, authentication factors, protection of personally identifiable information (PII) and protected health information (PHI). We will also discuss key emerging concepts and technologies, including identity as a service, identity governance and delegation, and trusted digital identity networks and blockchain.
Key takeaways:
1. Identity management is a crucial job in web development and administration, involving complex trade-offs such as the personalization of user experience versus the risk of managing PII and the advantages of anonymity in maintaining privacy versus its potential role in promoting abusive behavior.
2. Drupal provides a flexible, capable system for managing users and identities locally, along with a variety of contributed modules and API extensions for distributed identity management and federation.
3. IdM is evolving, especially in the Federal real, with increasing reliance on digital identifies, new technologies, and growing concerns about privacy protection and identity theft and fraud.