Since I first left public service last year and then returned, I have been regularly asked about my perspective on the state of the U.S. Government’s public facing shared service infrastructure for identity services. For a long time, I have lacked the words given my past investments of time, energy and emotion in those efforts.
This blog post is a personal opinion and does not necessarily represent the views of anyone else, especially my past and present employer(s). In addition, I currently do not hold any operational, oversight or policy roles that are in any way related to this type of broker/hub capability or shared service. If you misconstrue this as any type of official position (which it absolutely is not), that would be… silly!
However, in a couple of private conversations during the Cloud Identity Summit last week, I had the opportunity to answer it in a way that conveyed my perspective, without getting into the specifics of people, organizations and politics.
That combined with hearing the public articulation of the vision and capabilities of the “new thing” at #CISNOLA, is motivating me to share my perspective. As always, I write for myself to gain clarity and peace. YMMV.
Gone with the wind
The 1939 film “Gone with the wind” is an American classic. It is a period drama set during the American civil war, chronicling the pursuit by Rhett Butler (played by Clark Gable) to gain the affections and love of Scarlett O’Hara (played by the spectacular Vivien Leigh) who spurns him time and time again.
Towards the end, after more than 10 years of futile pursuit, Rhett gives into despair and emotional exhaustion, and finally gives up any hope of a future with Scarlett, uttering what still remains one of the greatest lines in movie history:
“Frankly, my dear, I don’t give a damn!”
Many people stop there, but I have found that the true poignancy of the film lies in realizing that the moment of Rhett’s despair is also when Scarlett realizes that she cares for Rhett and vows to one day win back his love, however forlorn that hope!
(You can wipe your tears now … we are switching contexts)
The pursuit of identity
The desire to enable trusted digital interactions between people and government using identity services has been a pursuit of the U.S. Government for a LONG time.
For more than 10 years, from the E-Authentication Program in 2002, the FICAM Trust Framework Solutions Program, and recently the Connect.gov initiative, a set of dedicated and technically savvy folks who are civil servants, support staff, private sector partners and vendors have jumped again and again into this fray.
We have been motivated by everything ranging from commitment to public service and altruism to doing the job well to earning a living.
Each time, for a variety of reasons that have nothing to do with any lack of access to top-notch teams of technologists or a lack of understanding of agile development and user-centered design, we have not been successful in shipping a product.
Which means that many of these folks, who know the lessons of history, understand the organizational dynamics and pitfalls, are technically savvy, and are committed to a massively successful outcome, have become jaded, somewhat exhausted, and in many cases frustrated.
In short, this is their “Frankly, my dear…” moment!
The question before all these folks, the individual answer to which will have a collective impact on the future of identity in USG, is “Have you fallen into Rhett’s pit of despair, or do you believe in the hope that Scarlett clings to for the future?”
As for me, believing as I do that life is composed of moments of joy and heartache punctuated by clarity and confusion, I await clarity balanced on the knife-edge of Rhett’s utter despair and Scarlett’s forlorn hope.
Those that fail to learn from history, are doomed to repeat itWinston Churchill
BTW, I have never liked throwing problems over the wall for someone else to solve without taking a shot at it myself. As such, I was going to put together some thoughts and suggestions for folks who may be currently looking into this long running challenge.
Then I realized, with some amusement, that the advice I have been giving in private has always been consistent with what I have shared in public and on this blog for the last 3+ years. So here you go!
On the importance of user experience
- (2013) Does Public Sector Identity Federation have a Compelling Gain-to-Pain Ratio?
- (2013) Balancing Identity Assurance and User Enrollment UX
- (2014) The Monomyth Fallacy of Digital Service Delivery
On the role of Government in Identity
- (2013) Identity Establishment and the Role of the Public Sector
- (2014) Identity Establishment, Verification and Validation
On why public sector identity brokers and hubs should be treated as a market and platform play and not an integration play
- (2013) Federated Credential Use. A Tale of Poultry and Public Sector
- (2013) Role of Multi-Sided Platforms in Identity Federation
- (2013) What Capabilities are Enabled by Public Sector Federated Identity Platforms?
On adding attractors to the platform (for Identity Providers)
- (2013) Who are the Natural Source of High Assurance Credentials for Public Sector Services?
- (2014) Why are U.S. Financial Institutions Not at the Identity Table?
- (2014) Identity Validation as a Public Sector Digital Service?
On adding attractors to the platform (for relying parties / service providers)
On existing policy support for enabling platform delivered services
- (2013) A Model for Separating Token and Attribute Manager Functions
- (2013) Can NIST E-Authentication Guideline SP 800-63-1 Support a Token-Attribute Separation Model?
- (2013) FICAM TFS Component Identity Services Terminology
- (2013) FFIEC and NIST Authentication Guidance. Does a Token Venn Diagram Exist?
- (2014) The Missing Link Between Tokens and Identity
- (2014) The Value of Sameness in a World Demanding Identity
- (2014) A Simple Framework for Trusted Identities
- (2013) Proxy Architecture
- (2013) HOW TO Choose Attributes to Uniquely Identify a Person
- (2014) What Is the Role of Transaction Risk in Identity Assurance?
- (2014) Three Indicators for Successful Public Sector Service Delivery
- (2014) A C2G Identity Services Overview of Canada
Did you find this interesting? Don't miss any new posts. Sign up to automatically receive them now!
This blog post first appeared on Anil John | Blog (https://blog.aniljohn.com). The opinions expressed here are my own and do not represent my employer’s view in any way.