Over the years, I have published numerous articles on digital identity elsewhere on the Web. This page provides links to those articles, and a brief summary of their content.

A Peek into the Future of Decentralized Identity

Decentralized identity and self-sovereign identity (SSI) are enabling a paradigm shift in the issuance and presentation of verifiable credentials (VCs). VCs provide an ability to perform digital as well as physical interactions with a higher level of trust due to their cryptographic protections and privacy-enhancing capabilities. In this article, you will learn about the industry standards and a technical implementation that can enable the secure and trustworthy exchange of verifiable attestations.

The Importance of Identity and the Capabilities and Value of Microsoft’s Identity Services

Microsoft has many identity and access management (IAM) services and capabilities. In this article, I discuss Microsoft’s Identity Platform and the value it brings to organizations. I also debunk a few myths about Microsoft’s identity products which you should be aware of. One of the most important myths is that the Microsoft Entra Suite of products is only for the Microsoft ecosystem – it’s not! Microsoft’s identity platform capabilities are designed to integrate with third-party services, in addition to Microsoft’s first-party services.

The Capabilities of Identity and Access Management

Identity and Access Management (IAM) is a broad term that generally describes three broad identity capabilities: identity governance and administration (IGA), access management (AM), and privileged access management (PAM). In this article, I discuss these three capabilities of IAM, and also cover Levels of Assurance (LoA). I discuss why LoAs are important, and dive deeper into specific LoAs, such as identity assurance and credential/authentication assurance.

Self-Sovereign Identity (SSI) and Web Public Key Infrastructure (PKI)

Self-Sovereign Identity (SSI) (also known as Decentralized Identity) introduces a new paradigm for the secure and trustworthy exchange of digital attestations. In this article, I compare the emerging domain of decentralized identity and decentralized public key infrastructure (dPKI) with the decades-old, and arguably more centralized public key infrastructure for the World Wide Web. I discuss how these two approaches are both similar and different, and how they can be used together to enable a more trusted digital experience on the Web.

Digital Identity Levels of Assurance

The National Institute of Standards and Technology (NIST), which is an agency of the United States government, has produced digital identity guidelines that help organizations and government agencies enable a more secure interaction with digital services. In this article, I discuss the three levels of assurance: identity assurance, authentication assurance, and federation assurance. Within each assurance category, there are three levels of assurance, ranging from low assurance to high assurance. You will learn about the assurance categories and their levels in order to be able to make better decisions from a security, privacy, and usability perspective for digital interactions.