An architecture for identity management

Richardson, Brian Robert

06 July 2005

Personalization of on-line content by on-line businesses can improve a users experience and increase a businesss chance of making a sale, but with stricter privacy legislation and Internet users increasing concerns about privacy, businesses need to ensure they do not violate laws or frighten away potential customers. This thesis describes the design of the proposed Identity Management Architecture (IMA). The IMA system allows users to decide on a per business basis what personal information is provided, gives users greater access to their personal information held by on-line businesses, and does not rely on a trusted third-party for management of personal information. In order to demonstrate the design and functionality of the IMA system a prototype implementation has been built. This implementation consists of the IMA client application and an example participating business to demonstrate the features of the IMA client. To evaluate the design of the IMA system it was compared to three high profile identity management systems: Microsoft .NET Passport, Liberty Alliance Project, and Microsoft Infocards. Through this evaluation each tool was compared based on the access to personal information provided to users and on what areas of privacy legislation compliance are improved for a business that participates.

identity management

privacy

ima

An architecture for identity management

Richardson, Brian Robert

06 July 2005

Personalization of on-line content by on-line businesses can improve a users experience and increase a businesss chance of making a sale, but with stricter privacy legislation and Internet users increasing concerns about privacy, businesses need to ensure they do not violate laws or frighten away potential customers. This thesis describes the design of the proposed Identity Management Architecture (IMA). The IMA system allows users to decide on a per business basis what personal information is provided, gives users greater access to their personal information held by on-line businesses, and does not rely on a trusted third-party for management of personal information. In order to demonstrate the design and functionality of the IMA system a prototype implementation has been built. This implementation consists of the IMA client application and an example participating business to demonstrate the features of the IMA client. To evaluate the design of the IMA system it was compared to three high profile identity management systems: Microsoft .NET Passport, Liberty Alliance Project, and Microsoft Infocards. Through this evaluation each tool was compared based on the access to personal information provided to users and on what areas of privacy legislation compliance are improved for a business that participates.

identity management

privacy

ima

Being in-between : a narrative investigation into manager identity work in a UK Housing Association

Rostron, Alison I.

January 2016

This thesis uses narrative methods within a social constructivist paradigm to investigate the identity work of managers in a North West England Housing Association, in the context of being ‘in-between’ those whom they directly manage, and those whom they are managed by. Within the complex field of identity studies it draws on a narrative conceptualisation of identity and utilises methods based on narrative structural analysis and the work of Propp (1968), and on a Levi-Straussian (1963, 1983) concept of mythical thought. The thesis is based on an embedded case study strategy in which managers are regarded as individual units of analysis within the bounded system of the case organisation. Data was collected primarily by eliciting stories from managers through interviews, and from observation and document collection over a fifteen month period. The case study organisation is a registered provider of social housing in the North West of England. Management in social housing is an under-studied area, and the complex environment, which makes multiple demands on managers to be both business and socially focused makes it an ideal context in which to investigate manager identity work. The thesis proposes the concept of the ‘medial manager’ as any organisational actor who is both managed themselves and who manages others. Its focus therefore extends from first level supervisors or team leaders through middle managers to senior managers reporting to Executive Board level. It makes a number of contributions to knowledge. First, a conceptual model of medial manager identity is developed through reflexive abductive iteration between primary data and extant literature which allows underlying processes of identity work to be identified, and understanding of identity work to be developed in several ways. These include identifying three distinct but inter-dependent phases of identity work, identifying key affording and constraining factors which help to explain different responses to subject positions by managers, and a more detailed understanding of the role of narrative in identity work. Second, the thesis adds to our understanding of managers. It reveals that the tensions between different interests commonly attributed to the middle manager role are also part of the daily experience of managers at other levels, and perhaps especially at team leader level. Third, the thesis makes a methodological contribution by developing a method of story elicitation and narrative analysis which is shown to be capable of revealing rich and granular detail into the workplace identities and processes of identity work accomplished by medial managers.

363.5068

identity ; management ; managers

J20 DEFENDANTS: DISRUPTING STIGMA THROUGH IDENTITY MANAGEMENT

Brown, Lacey

01 December 2019

This project presents findings from an analysis of qualitative interviews by the J20 Defendants, who were arrested, detained, and charged for rioting Donald J. Trump’s inauguration on January 20, 2017. This project examines the identity management strategies and experiences of the J20 Defendants as individual members and as a larger collective, with specific focus on how their mental and emotional health impacts their perception of self. In addition, this project uses Fantasy Theme Analysis (FTA) to identify organizational norms and communicative practices within the J20 collective. Time and space impact collective interpretations, meanings, and values, which influence group consciousness (Bormann, 1985; Bormann, Cragan, & Shields, 1994). To understand the defendants’ symbolic world, I describe in Chapter 1 what happened on January 20, 2017. I explain, in chronological order, how the J20 Defendants were detained, their collective experience while in police custody, and the court proceedings.Attending Disrupt J20 was a collective experience, Weick (1979) explains that shared interpretations among members grant organizations the ability to exist beyond, or even without, physical or systematic structures. Chapter 2 defines the J20 Defendants as an organization through the Four Flows Models, a school of thought within Communicative Constitution of Organization (CCO). The J20 Defendants are anunusual organization due to forced membership; the prosecution labels their identities. However, they made sense of their forced membership by utilizing the four processes within the Four Flows Model: (1) membership negotiation, (2) self-structuring, (3) activity coordination, and (4) institutional positioning. This project also defines the J20 Defendants as a stigmatized organization through the theoretical concepts of event and core stigma, which are defined in Chapter 2. The defendants managed their stigma through various identity management strategies, which are highlighted in Chapter 4. Findings suggest the defendants did not value the viewpoint of mainstream society, which is why they attended the stigmatizing event Disrupt J20. However, they did value the opinions of other activists.Despite having similar beliefs and values, the defendants each navigated their stigma differently. Furthermore, the ways the defendants managed stigma did not align with strategies articulated in organizational communication literature. However, every interviewee made sense of their stigma based on their ability to maintain confidentially. This project notes three organizational obstacles: (1) managing the stress and anxiety of being a member, (2) communicating internally, (3) externally performing a clear collective identity. Through various forms of comradery, members were able to manage their stress and anxiety as J20 Defendants. Members were also viewed as autonomous agents in how active or inactive they wanted to be. Every defendant interviewed stepped away from the organizational core temporarily or permanently. Overall, I hope this project illuminates new information about stigmatized organizations that seek cultural and political change.

identity management

radical organizing

stigma

PRIVACY AND IDENTITY MANAGERMENT ON SOCIAL NETWORKING SITES WITH REFRENCE TO FACEBOOK

Agadagba, Kelvin Yoreme

January 2011

According to Nicole B. Ellison and Danah M. Boyd in their article on “Social network sites: Definition, History, and Scholarship”, they defined Social Networking Sites as “Web-based services that allow individuals to (1) Construct a public or semi-public profile within a bounded system, (2) Articulate a list of other users with whom they share a connection, and (3) View and traverse their list of connections and those made by others within the system”( 2007). In other words, Social Networking Sites (SNSs) are websites that are designed to simplify communication between users who share similar activities, attitudes and interests. Today the growth and role of social networking sites has become an issue not only for the users themselves but also for scholars and industrial researchers. My aim in this research will be to explore Social Networking Sites in general. The concept of Social Networking Sites is very broad; therefore my main study will be dealing primarily with how privacy and restrictions plays a role in identity management with reference to Facebook.

Facebook

Privacy

Identity Management

Social Networking Sites

Centralizovaná správa rolí / Centralized management of user roles

Kotora, Ondřej

January 2008

Správa rolí a identit se stává elementární součástí podnikových informačních systémů. Je součástí oboru Identity a Access managementu, který je velmi mladou a dynamicky se rozvíjející tržní oblastí. Tato diplomová práce poskytuje základní přehled o členění této tržní oblasti a zároveň charakterizuje tuto oblast z pohledu obecného přístupu a přístupu na úrovni odvětví. Je zde popsána nabídka několika hlavních hráčů na trhu s důrazem na vhodnost nasazení v českém prostředí. Konkrétně je vybírán vhodný produkt pro nasazení v České správě sociálního zabezpečení, největší finančně správní institucí státní správy ČR. Je zde také popsáno několik faktorů na které by měl být při podobném výběru kladen důraz. Samotný výběr je pouze informativní s účelem dodat aktuální přehled o možnostech řešení, které trh pro danou oblast nabízí. Identity a Access management totiž v České správě sociálního zabezpečení již zaveden byl. O tomto řešení se zmiňuje předposlední kapitola.

Black Leader or Leader Who Happens to be Black? Racial Identity Politics Among African American Leaders

Collins, Brittany L.

03 November 2009

No description available.

Communication

Discourse

Sensemaking

Identity Management

Racelessness,

"Thank you for letting me be myself": Exploring the effects of identity management strategies on engagement levels of lesbian, gay and bisexual employees

Boyles, Patricia

05 November 2008

In spite of the fact that discussions regarding the social inequality of lesbian, gay and bisexual (LGB) individuals have been at the forefront of the U.S. national dialogue over the last decade, and estimates suggest that LGB employees comprise between 6 and 17 percent of the workforce (Gonsiorek & Weinrich, 1991), little is known about the experiences of these individuals at work. The limited research that exists suggests that inclusive diversity programs (e.g. gay-friendly organizational policies and practices, such as same-sex partner benefit programs), LGB employee experiences and fears of discrimination, and decisions regarding the disclosure of their sexual orientation are of central concern for LGB employees. However, at present only a small number of empirical studies have been conducted, resulting in relatively inconclusive findings. For example, research on the role of the environment at work with respect to LGB employee disclosure decisions has generated evidence that disclosure is related to both reduced and increased levels of discrimination. Explanations for these mixed findings includes evidence that the decision to disclose or not disclose one's LGB identity is driven by a multitude of factors such as individual attitudes suggesting that elements of the organizational environment may be more useful if considered a context in which LGB employees enact disclosure decisions. In addition, evidence suggests that the decision to disclose one's LGB identity is much more complex than a simple "to tell" or "not to tell" dichotomy. This complexity, theoretically and empirically captured in the concept of identity management strategies, has been argued to have detrimental effects on the well-being and productivity of LGB employees. However, as of yet there has been little research conducted to empirically investigate these claims. I propose that employee engagement, articulated by Kahn (1990) as a psychological presence in which workers are able and motivated to fully employ and express themselves physically, cognitively and emotionally at work, offers a useful framework in which to examine the potential effects of identity management. Employee engagement incorporates both the well-being of employees and the repercussions with respect to their performance, conceptually capturing the range of outcomes speculated to be related to identity management. Therefore, this study investigates the impact of identity management on LGB employee engagement. Data was collected via an online survey of a national sample of self-identified LGB employees, obtained through announcements posted on gay and lesbian news and information websites, social network websites, and occupation-related online discussion boards. Findings suggest that while aspects of Kahn's model of engagement apply to LGB employees, other configurations of the conditions of engagement may be more appropriate for these workers. Additionally, the findings indicate that in work environments perceived as less psychologically safe with respect to being lesbian, gay or bisexual, strategies of identity management used to avert disclosure of one's sexual orientation may help reduce the negative impact of non-disclosure on engagement, while integrating one's LGB identity at work, particularly in environments perceived as psychologically safe, may have positive implications for LGB employee engagement. / Ph. D.

employee engagement

LGB employees

Identity management

Design and Development of an Identity Management System: The Minnesota State College-Southeast Technical Case Study

Elhindi, Mohamed A.

01 January 2010

Historically, managing access to information systems (ISs) required direct interaction with a limited number of users. Increasingly, managing access involves handling an increased numbers of internal and external students, faculty, and staff as well as partners such as workforce development centers, the U.S. Department of Education, and the Council on Higher Education Accreditation. At Minnesota State Colleges and Universities (MnSCU), the approach to identity management (IdM) required the distribution of a username and password to authenticate MnSCU employees and students. Authentication enables authorized users to access campus-supported ISs and Office of the Chancellor (OOC) supported ISs such as the Integrated Statewide Record System (ISRS). In some cases, an MnSCU employee or student will receive as many as 7 usernames and passwords. When a new employee or student joins MnSCU, the campus IT group creates a general log-on to campus-supported ISs. This log-on consists of a username and password and provides the new employee or student with access to a local area network (LAN) hosted application such as e-mail and campus directory services. The author used Minnesota State College-Southeast Technical (MSC-ST) as the unit of analysis. In this inquiry, the following propositions guided and shaped the case study data collection: (a) system development processes (SDPs), (b) single access sign-on credentials through all MSC-ST ISs, (c) electronic data assurances, and (d) implementation across public and private security zones. The findings from this case study were used to develop a paradigm supporting the design and development of an IdM system model at MSC-ST. This model contributed to the establishment of a uniform IdM system for use by MSC-ST students, staff, and faculty regardless of time and location. Based on findings from this case study, key processes involved in establishing this IdM system based on uniform identities and authentication processes were documented. Key steps involved in facilitating secure IS access to MSC-ST resources by students, staff, and faculty accessing OOC-supported ISs as well as MSC-ST campus-specific applications were described. The author contributed to advancements in the IS space through the use of a replicable approach for implementing an IdM paradigm at MSC-ST.

access management

Identity Management System

identity management system model

information systems

Computer Sciences

Identity management / Identity management

Kefer, Daniel

January 2009

The master thesis is divided into two parts. In the first part, identity management is described on theoretical basis. Particular domains of identity management including authentication, authorization and audit are explained as well as Single Sign-On concept, i.e. using single credentials and entering them just once for access to multiple independent systems or services. In the second part, which forms the main part of this thesis, a practical project was implemented on the infrastructure of the Department of Telecommunications within the Faculty of Electrical Engineering and Communication, Brno University of Technology. The goal of this project was to create an environment for central 4 authentication and Single Sign-On using only open source technologies within a computer laboratory used for teaching OS Linux. The project is based on OS Linux Debian, Kerberos as a protocol for secure authentication and LDAP server OpenLDAP. For the Single Sign-On demonstration, NFS services for accessing data on the network were chosen. Using NFS services, users can sign-on to any workstation and access all their data. Administration of users and their import from central FEEC databases was implemented using scripts developed in Python. Next, using Apache, PHP and MySQL, a front-end audit interface for the network administrator was developed in order to inspect and evaluate security events in the network. Messages about suspicious events are delivered to administrator’s mailbox in real time. The project is intended as a security platform which means that other services can be implemented for Single Sign-On as well as new mechanisms for evaluation of suspicious events.