Press Room

Press Release: September 8, 2005

"Digital Identity": Planning and Creating an Identity Management Architecture

Sebastopol, CA--The rise of network-based, automated services in the past decade has definitely changed the way businesses operate, and not always for the better. Offering services, conducting transactions, and moving data on the Web opens new opportunities, but many CTOs and CIOs are more concerned with the risks. Like the rulers of medieval cities, they've adopted a siege mentality, building walls to keep the bad guys out. It makes for a secure perimeter, but hampers the flow of commerce.

Fortunately, some corporations are beginning to rethink how they provide security, so that interactions with customers, employees, partners, and suppliers will be richer and more flexible. Digital Identity (O'Reilly, US $34.95) by Phillip J. Windley explains how to go about it. Drawing on his experience as CTO of iMall, Inc., VP of product development for Excite@Home, and CIO in Governor Michael Leavitt's administration in Utah, Windley provides a rich, real-world view of the concepts, issues, and technologies behind a key concept known as "identity management architecture" (IMA).

According to Windley, IMA is a method to provide ample protection against malicious attacks while giving good guys access to vital information and systems. In today's service-oriented economy, digital identity is critical: it provides a set of standards, policies, certifications, and management activities that enable companies to manage digital identity effectively--not just as a security check, but as a way to extend services and pinpoint the needs of customers.

The ATM machine is one of Windley's favorite examples of the way digital identity increases business. "Before ATMs were invented, a bank's customers took care of their banking needs by presenting pieces of paper to a human teller," recalls Windley. The papers included instructions to the bank, cash, checks, and other financial instruments. Unless the teller personally knew the customer, the customer also presented some kind of identity credential, such as a driver's license, that allowed the teller to verify the customer's identity and proceed with the transaction. "The ATM was possible only because banks created a means of identifying their customers digitally," explains Windley. "With the advent of a digital identity infrastructure, banks no longer needed a human in the loop to verify the customer's identity, allowing them to provide around-the-clock access to banking in a broad range of convenient locations.

In the foreword to the book, Jamie Lewis, CEO and research chair for the Burton Group, reflects on the importance of digital identity in the virtual world:

"The societal mores, legal structures, and commonly accepted business practices that govern everyday life in the physical world have evolved over thousands of years, and that evolution continues every day. But now we're in the process of translating those structures to the Internet, creating a new place where people can interact. That 'place' is radically different from the physical world, one where networked applications combine with ubiquitous connectivity to free transactions, communications, and other activities from physical constraints, thus, creating an entirely new set of activities."

Lewis adds, "When it comes to enabling a truly virtual world that can accommodate the breadth and depth of human endeavor, nothing is more important than identity."

Windley likens IMA to good city planning: cities define uses and design standards to ensure that buildings and city services are consistent and workable. In Digital Identity, CIOs, other IT professionals, product managers, and programmers will learn how security planning can support their business goals and opportunities, rather than holding them at bay.

Additional Resources:

Digital Identity
Phillip J. Windley
ISBN: 0-596-00878-3, 234 pages, $34.95 US, $48.95 CA
1-800-998-9938; 1-707-827-7000

About O'Reilly

For almost 40 years, O’Reilly Media has provided technology and business training, knowledge, and insight to help companies succeed. Our unique network of experts and innovators share their knowledge and expertise through the company’s Safari training and learning platform and at O’Reilly conferences. As a SaaS learning platform, Safari delivers highly topical and comprehensive technology and business learning solutions to millions of users across enterprise, consumer, and university channels. For more information visit

Return to: O'Reilly Press Room

Press Contacts

Media Relations – Corporate & North America

Fama PR

Media Relations – Japan

Fumi Yamakawa
+81 3-3356-5227

Media Relations – United Kingdom

Helen Codling
+44 (0) 1252 721284