Have you ever tried to sign up for a Web service, and found that the username you picked was already taken? As well as your second, third and fourth choice? And did this make you pick a new identifier, different from any other one that you have used before? And could you, six months later, remember it?

The difficulty of assigning meaningful identifiers is an annoyance for us as individuals. But for CIOs in major corporations, it’s a big headache. Identity management issues can be responsible for 15-20% of large program development costs. The Yankee Group reckons that the identity management market is growing at over 7% per year and will reach $3.3 billion by 2008 – revenue for vendors; cost for users. And some of this cost is simply down to identifier collision and confusion – it’s real, but unnecessary.

An organization must manage the identities of many people. Unfortunately, each of these people generally ends up with multiple identifiers, because different departments work in different ways, different products use different formats, and different managers make different choices at different times.

The traditional solution was to assign everyone an employee number. But with the rise of the boundaryless organization, and with the need to manage identities of people not only within the organization, but also of people associated with customers, suppliers, and other business partners, this solution does not suffice. And today’s frequent mergers and acquisitions introduce further complexities, making employee numbers potentially as confused as names.

A more modern approach, commonly used for web services, is to identify people by their e-mail addresses. Unfortunately, these are unstable, and change quite often, as people change Internet service providers, or corporations reorganize their mail domains. Despite that, companies need to be able to keep track of their employees’ activities. For example it is critical to be able to document decisions on a large – often multi-million dollar - engineering contract. Companies need to ensure greater stability, or even permanence, of identities.

The difficulties are compounded by the way that software products identify their users. They do not have meaningful, human-friendly identifiers; they have systemic identifiers – strings of letters and numbers that operating systems assign that are convenient for machine processing but have no other meaning. Unfortunately, a user generally ends up with a different identifier on each system and, when a real person needs to be identified, perhaps in the case of a security breach, or when responsibility for a transaction is in question, it can be downright impossible to follow the trail.