Cross-enterprise Identity Federation (OASIS - SAML) Implementation: An exploratory financial services case study

In the networked economy, strategic partnerships and collaboration are an important way to develop and maintain competitive advantages. At the same time, enterprises also need to reduce costs, increase revenues and seize new business opportunities. This demands enterprises to enable convenient and secure business interactions with internal and external stakeholders, and create relationships to trust the electronic identities to access critical information resources. Federated identity management (FIM) is a system that enables individuals to use the same credentials or identification data to obtain access to the networks of multiple enterprises to conduct business transactions. FIM has demonstrated huge potential in providing reliable and scalable solutions to problems in systems security and access management. SAML (Security Assertion Markup Language) is the dominant web services standard for FIM. The objective of the paper is to present an exploratory case study based research to investigate implementation challenges, outcomes and federated identity management opportunities using evidence from a complex implementation of Identity Federation using SAML at a mid-sized north-east US bank. The SAML integration was achieved using a commercial off the shelf product, by Computer Associates, eTrust® that also leverages SAML as web services standard for federated identity management. Discussion in the paper presents common obstacles, opportunities, motivations and future directions in the realm of identity federation based on evidence from extensive project and product documentation provided by the financial services institutions team and on interviews with six team members of the case study project, including one senior information security manager.