Digital Identity
|
| |
ISBN |
0596008783 |
|
Release Date |
01 August 2005 |
|
Category |
Web |
|
Tags |
identity,
digital identity,
digital,
"digital identity",
digital signature,
entity,
digital image processing,
digital image prossesing,
being digital,
identity management,
identity crisis,
corporate identity,
|
|
This book @Amazon |
View |
|
Description
When I received Digital Identity (234 Pages, O'Reilly, 2005, ISBN 0596008783) for review, I was fully expecting I would be slogging through a deep technical dive into identity management architectures (IMA). Boy, was I wrong. What I got was a extremely thorough discussion of identity management architectures within the context of information systems (IS) governance processes. This is the first time I have read a book that so thoroughly weaves technical discussions (at an appropriate level for the intended audience) with a full discussion of the IS governance frameworks that are essential to success when implementing an IMA. There is only one place where Phillip Windley, former CIO of the State of Utah, falls short in this book.
Windley is up front in stating that management of digital identities is fundamental to success in information technology. He also makes it clear that the purpose of the book is not to show how to design and implement an IMA. It is about understanding IMAs in a business context. Windley also does an excellent job at showing why critics of digital rights management (DRM) (as enforced by the movie and record industries), are doing more of a disservice by framing the DRM dialog in the wrong context. A such, people are predisposed in their opinions whenever the discussion comes up in any context.
Stating this up front, the reader of the book will walk through an explanation of what digital identity is, the concept of trust, the lifecycle of digital identity, and the business reasons for it. After laying the groundwork, as well as covering interoperability and federation of identity, the authors covers what really should be the best practices for any organization. By pulling from his own experiences he is able to substantiate that what he is saying is not just "theory". It is based on real experience.
This is, however, the point where I feel the author's lack of full disclosure keeps the book from being even stronger than it is. In his struggle to bring strong IS governance to the state of Utah. You see the reality is that if you come into an organization like a bull in the china shop, you are going to make enemies. From what he is written in this book, this seems to be the style he employed when trying to unify the Utah information infrastructure. The result of this, that is not covered in the book, is that he was forced to resign as CIO under the cloud of an investigation of improper hiring practices. I believe that if he had included this information in the book, along with lessons learned, the book would have been truly outstanding. Because it wasn't, I have to knock it down to 4.5 stars out of 5.
Note: In an e-mail exchange with the author, he indicated that although he strongly disagreed with what was in that report, his office never published a response to that report either formally or informally.
Who Should Read This Book
This is usually where I write a list of specific job types who should read this book, but this time I want to approach it from a different angle. This book should be read by any IT professional that wants to expand their knowledge and expertise beyond wires, pliers, and lines of code. It is this type book that will allow them to do so without totally stepping outside of their comfort zone. At the same time, it should also be read by anyone involved in IT Audit and/or governance issues. Worried that there will not be enough technical content for you? Don't. Technical matter is covered at an appropriate level to get a broad understanding, but in a way not to loose a nontechnical reader.
The Scorecard
Birdie on a Long Par 5 |
|
