BYOI (Bring Your Own Identity): From Identity Silos to multi-identity relationships

2 Flares Twitter 0 Facebook 0 LinkedIn 0 Buffer 2 Email -- 2 Flares ×

Megapolis is a Western deformation of the Greek word that derived from Greek: μέγας – ‘great’ and Greek: πόλις – ‘city’, therefore literally a ‘great city – wikipedia on “megalopolis”


Fact: The Internet of Things is here and there’s no way to stop it. We’re going to be inundated by billions of sensors,devices,”things” and by their identities, attributes, data and everything else.

It’s a fact there’s nothing right or wrong in that it’s simply a fact and we have to face it in a way or another.

Let me start over then and ask you a simple question:

Are we the still the same identities?

Seems a legit question and even a simple one. I’d be tempted to say well yes I am still the same person I used to be just with some more white hairs on my head but if you think at it the answer is “no we’re not”.

We’re not in different ways. If we think at the identities we used to carry on 3 years ago, 5 years ago the number of digital identities linked to our physical one it’s increased dramatically.

The average number in 2014 has been counted as 24:

Primary Identity Channel Model

Channel Description Average Number
E-mail E-mail addresses 2
Social Media Facebook,Twitter,Linkedin 3
Mobility Personal and work numbers 2
Financial Accounts Deposit/savings, brokerages, insurance, retirement 4
Health Payer, provider, online health center 3
Government Federal, State, Municipal 3
E-Commerce eBay, Amazon, 3 more (very conservative) 5
System ID and badge Work related 2
Total 24


It’s impressive how our connected, digital age is growing at such a pace.

now what is a digital identity? How may be reconciled to the physical me? Let me quote  Peter Steiner:

On the Internet, nobody knows you’re a dog – Peter Steiner

that’s it simple and true, the digital identity it’s not me at least not entirely, it’s  a part of me, linked to me in specific way and sometimes federated to another service, vendor, identity but still does not define me as physical identity.

Now in the world of professional of the identity management where I live this famous quote is a well know challenge not related only to Internet. The reality that identify someone by it’s digital identity is a real challenge and we overcame that challenge through the Identity Access Management tools.


if you’re in this business you’re already know the answer, if not we may find out you ‘cause since your digital identity is born to it’s end we were in a position to  define:

Who has access to What, When , How and Why

That is at the core the Identity Access Management business nothing more and nothing less but then something happened that is disrupting our well established model.

That “thing” is …well…called exactly like this..a “thing”.

The Internet of Things is here and it’s not going to fly away. So the question is:

What is exactly the Internet of Things?

no let me rephrase

To which extent the IoT is going to influence, interact or even disrupt the Identity Access Management model?

Well, curiously enough in a way that is fully predictable and well-known. No I’m not kidding that is something we all should already know.

Okay now I’ve got you let me give you a brief recap of what happened in the last…well millions of years.


The history is talking to us but we’re not listening

If we look back in the years to see how the urbanization and consequently the social interaction of humans happened we will find a  common pattern with our new digital life.

Not yet convinced? well let me give you a brief recap of what happened in the last…well 1 million years.

The primordial ages: No or rare cooperation based on small groups of humans. Identity lives constrained in a small ecosystem with almost no knowledge of other similar ecosystems. It’s was an opportunistic life where the contact made with other identities was based on mutual temporary need (i.e.:hunting) but a structured process was not implemented (i.e.: village).

The pre-Greeks ages: The growth of individuals forced them to adopt new strategies of cooperation and early forms of villages and urbanization start to be deployed. Individual develop the concept of identity as membership to a specific ecosystem. Rules were made to recognized the membership of individuals of a specific village and to understand their role inside it. Still the village was a “silos” related to other villages.

Polis (Greek city): Greeks developed a form of urban aggregation divided by roles where every citizen was recognized (authentication) and may “exchange data” with other citizens (authorization) based on the role in the hierarchy.The polis has the “upper town” where the more important resources were stored and the “lower town” where the workers used to lives. Both those identities were able to meet in the Agorà and exchange information,resources,data,etc.. the management encountered the governance model.

Megalopolis (or Megapolis): The growth of urban conglomerates become of such size that there’s no way to know who actually lives in the city and has access to the services. Micro-ecosystems connected to each other become a natural extension of our life. Relationships  between identities are of type 1-to-1,1-to-many,many-to-many and the regulations in place are not always able to adapt to the new models of living so the need of a new approach arise.

Now did you recognized the common pattern between history and digital era? Not yet? Let me help you a little bit more.

The digital primordial ages:Digital Identities are so rare that the management of their lifecycle is a manual or almost nonexistent process. There is not a real need of manage them and the process is based on a temporary basis (i.e.: I need to create the account for a service and will be probably the only account that will be used).

The digital pre-Greeks ages: Identities are growing so quickly that companies need a way to manage the identities life cycle and encapsulate them into a set of rules and processes (Identity Management). We start digital silos where the interconnection between identities were limited in number of type (i.e.: Active Directory and LDAP vs access to any form of outside federated service).

Digital Polis:The need of regulate the access  (AuthZ and AuthN) arise. The concept of Identity  reach maturity to the point that may be described extensively  (i.e.: Kim Cameron – The Laws of Identity -2005). Identity Access Management become a core technology inside the companies, the isolated Silos started to feel the need of an Agorà (federation) where to exchange information’s, resources, data, identities in a trustable way.

Digital Megalopolis: The number of identities continue to growth and new form of them are created accelerating once more the digital world. The perimeter of the digital world become more and more blurry . There’s not anymore a real separation between the role of employer, consumer,social identity.

We’re becoming a more and more complex ecosystem ourselves.


An ecosystem that establish relationships with other ecosystems in a variety of forms.

The internet of things is the definition of the digital megalopolis or in another words:

The digital megalopolis is nothing more than the description of the relationships between humans, non-humans and everything in between…

The common pattern is teaching us simply that we’re replicating the human history once more but this time through the use of a multitude of “us”. The level of maturity we were supposed to have is simply the same level of knowledge and maturity Greeks had comparing to what we know nowadays.

The history is about the evolution of complex systems

As the megalopolis cannot manage its citizens (regular and not) the digital megalopolis of the Internet of Things cannot anymore manage the identities and attributes in the very same way but must evolve toward a new paradigm.

What is about the Identity Relationship Management

Definition of relationships management as from Kantara definition (

Business Pillars:

  • CONSUMERS AND THINGS over employees
  • ADAPTABLE over predictable
  • TOP LINE REVENUE over operating expense
  • VELOCITY over process

Technical Pillars:

  • INTERNET SCALE over enterprise scale
  • DYNAMIC INTELLIGENCE over static intelligence
  • BORDERLESS over perimeter
  • MODULAR over monolithic

Let me focus for a moment only on the technical pillars and compare them to what I’ve described before.

INTERNET SCALE over enterprise scale: The digital silos are over, the interconnection between identities and  their relationships force the company to open itself to the outside world and accept that there’s a wide perimeter that include the company perimeter.

DYNAMIC INTELLIGENCE over static intelligence: The need to evaluate all the possible action made by the identities ask us to develop a form of intelligence that adapt itself to the new ecosystem taking in account that the identities are of man form and may “live and die” with such velocity to not be anymore accountable. Relationships are a more “stable” form of definition of the identities and as consequence should be the preferable form of management.

BORDERLESS over perimeter: As described above the digital megalopolis is made of micro-ecosystem that relate to each other in a variety of form, the age of the digital silos is over and the companies must adapt to survive.

MODULAR over monolithic: how many identities will exist on average next year? next month? next day? a monolithic approach that do not recognize the merging of the various identity roles (i.e.: consumer, employee, citizen,social ) could not overcome the challenge that has been thrown on the table by the Internet of Things Everything

Like the physical polis we as digital members of a a newly born digital megalopolis have to focus on the relationships that lives in the digital Agora

I’ll define then:

Me as in the micro-ecosystem made by the sum of my digital identities

You as the micro-ecosystem made by the sum of the digital identities with whom I am establish a relationship of any type

MrY as the the relationship between us that may be transferable, re-usable by any other identity or service

The digital megalopolis is nothing more than the description of the relationships between humans, non-humans and everything in between…