Identity (ID) management is a broad topic focusing on confirming, protecting and using personal IDs. This topic covers many disciplines, from computer science to social training. Any topic that has to do with safeguarding or using an individual method of identification is part of ID management. The end goal of this interdisciplinary process is the use of individual IDs to create a personal profile for a user. Using this profile, that person could shop, go to work or perform any common task without the need for money or additional identification.
The theory of ID management involves taking an individual and breaking them down into quantifiable segments. Easy factors include age, sex, address, and other obvious factors. Next comes more difficult factors such as likes and dislikes or personal tendencies. Finally, there are qualities that are not quantifiable by normal means, such as life goals and desires. If it were possible to take all of these factors into account and create a personal profile, that profile should be totally unique to that person.
In absence of the technology to perform such a personal breakdown, governments, companies and private groups use other methods for creating IDs. These are often numbers, such as the social security numbers used in the US or employee identification numbers, or usernames and passcodes used to access private data. While these processes all have advantages, the lack of a centralized system makes it difficult to perform true ID management.
One of the main goals of any ID management system is keeping the IDs away from people who shouldn't have them. With a typical ID system, any person with the correct information is assumed to be the person in question. Since this single security flaw can cause such a problem if exploited, a great deal of any management system is focused on preventing or dealing with such an occurrence.
On the preventative side, much of the effort goes into keeping the IDs secure. This process is generally twofold. On the technical side, the IDs are kept in a separate system and typically encrypted in some fashion. This way, even if the ID system is compromised, the IDs may still be safe. On the social side, the ID owners are encouraged to change their passwords as well as use non-obvious letter and number combinations.
When dealing with a breach in ID management, there are generally a wide range of problems. The first problem is preventing the breach from increasing in size or severity. This involves locking down the ID and preventing it from being used for any purpose. Next, the owner of the ID needs to have their activities examined so any false use of the ID may be separated from legitimate ones. The rightful holder of the ID needs a new ID issued, and any harmful activities performed under their old ID need to be expunged.