The 7 Laws of Identity Standards
Published April 10, 2021
The OpenID Foundation is proud to participate in the first ever ‘Identity Management Day,’ an annual awareness event that will take place on the second Tuesday in April each year. The inaugural Identity Management Day is April 13, 2021.
Founded by the Identity Defined Security Alliance (IDSA), the mission of Identity Management Day is to educate business leaders and IT decision makers on the importance of identity management and key components including governance, identity-centric security best practices, processes, and technology, with a special focus on the dangers of not properly securing identities and access credentials.
In addition, the National Cyber Security Alliance (NCSA) will provide guidance for consumers, to ensure that their online identities are protected through security awareness, best practices, and readily-available technologies.
From the point of view of an open identity standards development organization and with a hat tip to Kim Cameron’s 7 Laws of Idenity, here are my 7 Laws of Identity Standards:
- A identity standard's adoption is driven by its value of the reliability, repeatability and security of its implementations.
- A standard's value can be measured by the number of instances of certified technical conformance extant in the market.
- Certified technical conformance is necessary but insufficient for global adoption.
- Adoption at scale requires widespread awareness, ongoing technical improvement and a open and authoritative reference source.
- When Libraries/Directories/ Registries act as authoritative sources they amplify awareness, extend adoption and promote certification.
- Certified technical conformance importantly complements legal compliance and together optimize interoperability.
- Interoperability enhances security, contains costs and drives profitability.
Don Thibeau
OpenID Foundation