...
In addition to managing entity data sourced from various business processes, identity registries typically are source systems (i.e., are authoritative) for some data, in particular institutional identifiers. A common registry-managed identifier is a registry ID (also called unique ID, or UUID) that is an opaque non-reusable identifier serving as an institutional "key" for the entity. Another common registry-managed identifier is a network ID (also called NetID or username) that is used by end-users for login and other services such as email. Creation and management of NetIDs, and other similar identifiers such as Distinguished Names, may be integrated with credential assignment processes that also include management of authentication information such as passwords and public keys. This is a touchpoint between identity registries and authentication systems.
| Anchor | ||||
|---|---|---|---|---|
|
Registration, matching, reconciliation
...
Identity registries are maintained via many processes; some of these involve interactive access by registry-associated staff to do such operations as status checking, handling merges and splits, investigating data anomalies, viewing entry history, generating reports, etc. This implies requirements for user interfaces to support these operations, including appropriate access control. Other functions may imply a need for end-user access for operations such as profile management, self-service merging, service requests, etc.
Enterprise system services
[OSIdM4HEteam:Workflow, reporting, notification, event/message services, archiving, intrusion detection/prevention, etc etc]