By Simon Moffatt

In the above figure we describe the basic life cycle for consumer identity and access management as containing 9 distinct stages:

  • Onboarding
  • Proofing
  • Secure Login
  • Device Binding
  • Contextual & Adaptive Access
  • Profile Management
  • Consent Management
  • Data Management
  • Account Removal

A basic linear flow typically occurs, where Onboarding would clearly occur before Profile Management. But some aspects can be more modular or integrated independently.


For example, Data Management may occur alongside Secure Login and Consent Management, with limited need for Proofing in one particular journey. The life cycle also contains two other references to help us model it: a reference to the NIST Identity Guidelines (https://pages.nist.gov/800-63-3/) and a customer retention flow, typically used by marketers or sales teams. Both are useful barometers in helping us focus upon being a good citizen when it comes to consumer security, usability and value generation.


The NIST Identity Guidelines are a set of best-practice documents issued by the National Standards Institute in the US, aimed primarily at federal agencies and departments. The standards help define authentication, proofing and federation specifications and promote secure interoperability. The main content is broken down into three documents, namely Enrollment & Identity Proofing SP800-63A, Authentication & Lifecycle Management SP800-63B and Federation & Assertions SP800-63C. As we walk through the lifecycle, we can reference back to some examples from those guides in our analysis.


The Acquire-Personalise-Build Trust-Retain linkage is there to focus our attention on the entire reason the CIAM lifecycle, and indeed the entire subject area of CIAM, actually exists: to provide services, applications and experiences to external users in order to grow revenue or build communities. Again, we can reference that flow as we discuss each step in the life cycle.

The above article is an extract from “Consumer Identity & Access Management Design Fundamentals” Amazon/Leanpub ISBN: 979-8570842465 – https://ciamdesign.com/
