Managing subscribers' identities and data becomes a critical aspect of doing business for network operators as they converge their mobile, wire line, and internet businesses into next generation networks and fixed-mobile-convergent architectures. In order to offer a simplified sign-on process, along with new services such as converged billing, email or address books, network operators have been evaluating and implementing identity management technologies. Network operators have started to understand they have now the opportunity to become identity providers, capable of offering identity verification services, e.g. to web content providers. At the same time, pressure on network operators is mounting from Web 2.0 companies such as Yahoo! or Google, who have an opportunity to control their users and learn about their behavior, too. Network operators need to find a way to build loyalty among their existing customers to prevent revenue erosion from being relegated to providing only dump transport services.

What Is Identity Management?

Identity Management can be understood as a set of business processes, policies, and technologies that enable companies to manage access to applications or services while at the same time protecting a user’s individual privacy as well as the company’s resources and infrastructure. In such an ecosystem, user authentication is a prerequisite for accessing any service. This can be realized by simple mechanisms such as username and password verification, or in case of strict security requirements, e.g. finical transactions, with more advanced means such as tokens or biometrics. Upon successful authentication, the user is given access to specific applications or services as predefined by a set of policies. Service providers selling products online, typically oblige users to provide with their username and password before they can make use of any of the offered services. In a similar fashion, companies mostly require their employees to access corporate networks and applications using either passwords or eventually more secure authentication routines such as pass-codes, generated by a specialized device. In most authentication cases, data is encrypted before being sent over a “public” bearer such as the Internet or a virtual private network.