Explain Federated Identity Management
1 Answer
  • Federated identity technology is used for creating a globally interoperable online business identity, driving relationships or affinity-driven business models between companies.
  • The concept is nothing new, as we have real-world models for federated identities of individuals—a passport is a global identity credential that vouches for one's identity in a country; an ATM card is a credential that vouches for one's bank account; a driver's license vouches for one's ability to operate a motor vehicle and is also frequently used as a proof of identity in many business transactions.

  • Federated identity management is based on the business agreements, technical agreements, and policy agreements that allow companies to interoperate based on shared identity management.

  • This helps companies to lower their overall identity management costs and provide an improved user experience. It leverages the concept of a portable identity to simplify the administration of users and to manage security and trust in a federated business relationship.

  • The simplification of the administration and the life cycle management in a federation leads to the following value proposition:

    i. Identity management costs can be lowered because companies are no longer in the business of managing users or identities that are not under their control, including the delegate administrator identities currently managed by many first-generation federation attempts. Businesses need to manage access to data but do not have to manage accounts and user account data.

    ii. User experience can be improved because users can navigate easily between Web sites while maintaining a global login identity.

    iii. Inter-enterprise application integration within federations benefits from the end-to-end security and trust capabilities.

  • Integration can be simplified because there is a common way to network identities between companies or between applications.

  • Organizations can implement business strategies that drive organic market and customer growth by eliminating the friction caused by incompatible identity and security management between companies.
  • This approach helps companies to lower identity management, access management, and administration costs related to third-party user access or third-party service access.
  • When discussing identity federation, identity federation splits into a few different solution areas.

    The solution areas are:

    i. Web-based Single Sign-on - Federated Single Sign-on referred to as F-SSO

    ii. Application based Web services security - Secure Web services referred to as Web services security management

    iii. Identity life cycle - Federated provisioning

  • Federated identity management often refers to user-driven, browser-based interaction between organizations.

  • This space is referred to as federated single sign-on (F-SSO) even though it has largely matured beyond just single sign-on functionality.
