Identity Correlation - Approaches To Linking Disparate Account IDs

Approaches To Linking Disparate Account IDs

As mentioned above, in many organizations, users may sign into different systems and applications using different login IDs. There are many reasons to link these into ``enterprise-wide user profiles.

There are a number of basic strategies to perform this correlation, or "ID Mapping:"

  • Assume that account IDs are the same:
    • In this case, mapping is trivial.
    • This actually works in many organizations, in cases where a rigorous and standardized process has been used to assign IDs to new users for a long time.
  • Import mapping data from an existing system:
    • If an organization has implemented a robust process for mapping IDs to users over a long period, this data is already available and can be imported into any new Identity management system.
  • Exact matching on attribute values:
    • Find one identity attribute or a combination of attributes on one system which correlate to one or more attributes on another system.
    • Connect IDs on the two systems by finding users whose attribute(s) are the same.
  • Approximate matching on attribute values:
    • The same as above, but instead of requiring attributes or expressions to match exactly, tolerate some differences.
    • This allows for misspelled, inconsistently capitalized and otherwise somewhat diverse names and similar identity values.
    • The risk here is that accounts which should not be connected will accidentally be matched by this process.
  • Self-service login ID reconciliation:
    • Invite users to fill in a form and indicate which IDs, on which systems, they own.
    • Users might lie or make mistakes—so it's important to validate user input, for example by asking users to also provide passwords and to check those passwords.
    • Users might not recognize system names—so it's important to offer alternatives or ask users for IDs+passwords in general, rather than asking them to specify which system those IDs are for.
  • Hire a consultant and/or do it manually:
    • This still leaves open the question of where the data comes from—perhaps by interviewing every user in question?

Read more about this topic:  Identity Correlation

Famous quotes containing the words approaches, disparate and/or account:

    I should say that the most prominent scientific men of our country, and perhaps of this age, are either serving the arts and not pure science, or are performing faithful but quite subordinate labors in particular departments. They make no steady and systematic approaches to the central fact.... There is wanting constant and accurate observation with enough of theory to direct and discipline it. But, above all, there is wanting genius.
    Henry David Thoreau (1817–1862)

    Human life itself may be almost pure chaos, but the work of the artist—the only thing he’s good for—is to take these handfuls of confusion and disparate things, things that seem to be irreconcilable, and put them together in a frame to give them some kind of shape and meaning. Even if it’s only his view of a meaning. That’s what he’s for—to give his view of life.
    Katherine Anne Porter (1890–1980)

    If I tell you that I would be disobeying the god and on that account it is impossible for me to keep quiet, you won’t be persuaded by me, taking it that I am ironizing. And if I tell you that it is the greatest good for a human being to have discussions every day about virtue and the other things you hear me talking about, examining myself and others, and that the unexamined life is not livable for a human being, you will be even less persuaded.
    Socrates (469–399 B.C.)