An identity can have an attribute custodian and that custodian must uphold the confidentiality, integrity and availability of the data at all times
An identity data custodian is likely in todays highly federated and out-sourced infrastructures. No longer is it possible to have all data managed and stored by an infrastructure belonging to either the data owner or service provider.
Cloud storage is omni-present, with software-as-a-service, platforms-as-a-service and infrastructures-as-a-service all interacting seamlessly to provide an end-to-end solution. Data, even whilst governed within a fully transparent consent framework, is likely to require physical storage with a custodian - with the custodian taking no active part in the identity lifecycle, authentication, authorization or approval processes.
The custodian must therefor uphold the data based information security triad of confidentiality, availability and integrity.
© Copyright 2016. All Rights Reserved.
8901 Marmora Road,
Glasgow, D04 89GR