New ways for managing a user's identity and their rights for access to various resources will emerge in Identity Management 2.0. This management approach is an improvisation over the Identity Management 1.0 which included authentication, authorization, user provisioning and password management. The new management system will include stringent forms of authentication, risk-based authorization and fine-grained entitlements, role based user provision i ng and ability to virtualize identities.

a)Enhanced authentication and risk-based authorization

Imagine a threat similar to phishing that tries to steal a user's identity by pretending to be one of the legitimate site. Under such a condition the legitimate website can incorporate software products that uses enhanced authentication techniques like on-screen pads. To further add to the security, these input pads are customizable so that a user will only know its pad. Assuming that the attacker has somehow managed to get information about the personalized pad, even then the role of risk-based authorization will come into play. This advanced technique maintains an analysis of behavior patterns of the user session. If any abnormal behavior is found, the system will prompt the user to authenticate again. Th.ese new techniques definitely make life harder for an attacker.

b) Fine grained entitlements

Earlier the access management system was simple and once the user had been given access it was up to the user to use the system to whatever level. But the upcoming trend in the management of systems is to give a very specific access to the users based on their position and requirements. For example, a physician may only be allowed to access records of patients under his care.

Name: Identity Management 2.0.jpg Views: 35 Size: 33.0 KB

c) Role management

Defining policies for different roles within an organization according to changing business requirements is the key feature under Identity Management 2.0. This will not only include defining new policies or roles but will also provide the flexibility to modify existing roles. Such an approach is beneficial for business management and also simplifies the process of assigning access rights to the user.

d) Identity virtualization

Under earlier systems, details regarding users and their passwords were maintained across multiple directories. Identity Virtualization is a virtual directory of all users with their information. Such an approach reduces the acc'ess time and presents a consolidated view of all users. Virtual directory is like a layer above all user repositories.

Mobile malware

With the increasing use of smart phones, vulnerabilities also increase. Mobile malware holds a lot of potential and will evolve because of penetration of faster networks. Mobile devices are launched with a lot of new features but at the same time they open more holes on the security front. Some of the attacks that will be common are session keylogging, obtaining contact lists, etc.

Another trend to catch up will be solution to these malware from anti-virus vendors. Monetization ofi mobile malware will be successful. Apart from this one can think of open source malware, ie the code is modifiable and anyone can add to the functionality of that code.