AI and Identity - It's a kind of magic

I've always had a soft spot for AI and Identity. I first used AI to solve an identity problem 28 years ago. It was 1994, and for my final year project I proposed to use a neural network to identify users logging into a system based on their typing patterns. Nobody knew much about this technology, and most people, including me, thought it would fail. I did it in any event.

I still remember my astonishment when the very simple multi-layer perceptron artificial neural network successfully trained on a data set collected from my fellow students in the computer labs and then correctly classified a user based on their typing pattern. Magic!

Fast forward to the present. The magic only got more powerful. AI as a technology has come a very, very long way from those simple multi-layer perceptron networks. Much like identity, AI is turning into a utility and is being plugged into every application imaginable.

Identity for its parts is even more pervasive than AI. The ability to ensure that the right person or machine has access to the right resources at the right time is fundamental to building secure and trustworthy systems. Every human/machine or machine/machine interaction requires an identity, even if that identity is anonymous or inferred.

So what happens when we connect these two utilities? To start with, there are two lenses we can use as we start our exploration.

AI for Identity: AI is already used in identity systems for document and biometric verification and identity protection. Its ability to find patterns and anomalies in large datasets is valuable for anti-fraud and system monitoring applications. It enables continuous authentication and authorization scenarios and assists in compliance reporting. With the latest developments in generative AI, there is an opportunity to use it as a new user interface that allows users to create and interpret policies and configurations without the need to become experts in Identity management technologies. AI will help improve identity infrastructure, technology and experiences by automating tasks and acting as decision support systems whenever its raw material (copious amounts of data) is available.

Identity for AI: As the role of AI in society becomes more prominent, the need to be able to identify an AI will increasingly be in the spotlight. Impersonating an AI, impersonating a human with it, compromising it or changing it without the users awareness can have dire consequences. So, what is an AI identity? AIs are complex machines. They are composed of the data sets they are trained on, the trained model, the software that implements the algorithms, the hardware it is running on, the VMs and containers on which it is deployed and the workload identities of the different microservices that make up the AI. The good news is we don't have to start from scratch as we already establish identities for the various composite parts of an AI. What is missing is bringing it together as a single composite identity or identifier that can be verified by machines and humans. How to make these AI identities intelligible for humans is an open ended question that may have different answers depending on whether they are AI or Identity experts, IT administrators, developers or consumers.

Down the rabbit hole: Those two lenses gives some brief glimpses, a mere hint, of a world where we merge Identity and AI. It raises many questions and opens a rabbit's warren ready to be explored. What problems will we be able to solve for customers? How will it drive innovation in technology, operations, security, trust, standards and business models? What skill-mix do we need to connect and use these technologies? What new risks are emerging as we connect these two utilities and what are the ethical considerations?

Combining AI and Identity is it's own kind of magic and I hope to explore these topics further as we continue down the rabbit hole. In the meantime, if this is an area of interest for you, I would love to hear from you.

P.S. you probably wonder if I used generative AI in creating this article. The answer is yes. The image at the top of the post was generated by Dall-E from OpenAI and I used ChatGPT, in much the same way that I would have used a search engine, worked with an editor to refine text, or bounced ideas of a colleague. We are in uncharted water with generative AI and I am choosing transparency in the hope that others will as well.