Achieving Security by Tying Identities to Digital Assets

June 21, 2006

Achieving Security by Tying Identities to Digital Assets

Achieving Security by Tying Identities to Digital Assets 

By Fran Howarth, Partner

 

No technology can exist in isolation. That is why ‘integration’ and ‘interoperability’ are such important words in the technology industry. But, for technologies to work together, they must be based on the same, open standards.

The development of such standards is extremely important for the take up of any new technology. But once those standards reach a reasonable level of maturity, momentum can build fast. This is what is happening in the markets for both federated identity management and digital rights management (DRM) technologies—both of which are showing strong double-digit growth rates in terms of the number of organizations taking advantage of the protection that these capabilities afford their businesses.

In some cases the two technologies are being used hand in hand. This makes perfect sense in some markets. A prime example is the pharmaceutical sector, which is characterised by large investments in developing and testing new drugs. This involves undergoing expensive and complex clinical trials procedures—whilst complying with a range of industry regulations that are recognized by bodies such as the US Food and Drug Administration, the National Cancer Institute and the European Medicines Agency. To drive efficiencies and help with compliance goals, pharmaceutical firms, clinical research organisations and regulatory agencies need a legally enforceable, standardized way of managing the reams of documentation involved in clinical trials in a secure manner.

One initiative being undertaken in the pharmaceutical sector is the SAFE BioPharma not-for-profit coalition set up by some of the largest global pharmaceutical firms in operation today and sponsored by the Pharmaceutical Research and Manufacturers of America, the European Federation of Pharmaceutical Industries and Associations EFPIA and pharmaceutical concerns. Based on a federated identity management model using PKI technology from CoreStreet, members of the network benefit from the use of trusted electronic identity credentials that authenticate individuals to provide them to the services they are permitted to access, while tying an auditable trail linking a user’s identity to every electronic transaction or communication that they make. They also benefit from the work that has been done over the past two years to overcome the legal issues involved in federated identity management networks—including the use of common policies, processes and technical interoperability based on the use of standards.

But, since the purpose of the SAFE BioPharma initiative is primarily to allow participants in clinical trials to securely collaborate on document production and review, another prime enabling technology being used by SAFE BioPharma is enterprise DRM. Enterprise DRM technologies tie a user’s identity to every touch point that they have with an enterprise’s intellectual property, ensuring that only those with correct access permissions can read or alter sensitive business documentation. According to technology vendor CoreStreet, reducing the pharmaceutical industry’s reliance on paper could lead to savings of $9 billion per year.

This initiative from the pharmaceutical industry is just one example of how emerging technologies such as federated identity management and DRM can be used to help organisations achieve efficiency goals—and can even lead to them generating more revenue by allowing them to focus on their core competencies without worrying about the extra headache of security. All industries stand to benefit from exploring these emerging areas of technology—and their combined use could benefit many vertical sectors, such as those wishing to improve collaboration in their supply chain or provide greater security for sensitive issues, such as merger and acquisition discussions.

Newsletters 2006
About admin

Leave a Reply

Your email address will not be published.