Federated Identity Management: Shortcomings of existing standards
Authors
Abstract
As the coverage area of conventional identity & access management solutions is limited by an organization’s boundaries, several approaches for Federated Identity Management (FIM), i.e., cross-organizational identity and user data exchange, have emerged. In this paper we demonstrate that even the most important FIM standards have several shortcomings in common which are prejudicial to early FIM adoption in large heterogeneous service infrastructures.
Similar resources
Towards Improved Federated Identity and Privilege Management in Open Systems
1. Motivation The ability to federate identity across organizations while maintaining access rights and privileges poses a major challenge [5]. The solution is federated identity and privilege management. However, almost all well-known such schemes have their drawbacks. Additionally, the development of Web-based federated identity solutions has advanced more rapidly as compared to the Web-based...
A synchronous, open, user-centric, federated Identity and Access Management System (OpenIdAM)
It is acknowledged that the latest stable XML technologies, standards and specifications may build real interoperable and secure enterprise privacy-aware implementations. However, existing implementations do not address the users’ need to easily handle their identifiers and credentials while providing pluggable modules for interconnecting their pre-existing business applications and platforms. ...
Using XACML for Privacy Control in SAML-Based Identity Federations
With Federated Identity Management (FIM) protocols, service providers can request user attributes, such as the billing address, from the user’s identity provider. Access to this information is managed using so-called Attribute Release Policies (ARPs). In this paper, we first analyze various shortcomings of existing ARP implementations; then, we demonstrate that the eXtensible Access Control Mar...
CERIAS Tech Report 2004-32 TOWARDS IMPROVED FEDERATED IDENTITY AND PRIVILEGE MANAGEMENT IN OPEN SYSTEMS
Federated identity and privilege management are the cornerstones of access management on the Web. The increasing trend of business integration across enterprises and Web-based collaboration has led to tremendous growth of the identity and privilege management research and products in the recent past. However, despite the existence of available mechanisms, there are drawbacks in almost all well-...
Supporting Virtual Organization Lifecycle Management by Dynamic Federated User Provisioning
For highly dynamic Grid scenarios, scalable solutions for resource, service and access management are essential. However, in today’s real world Grid projects, organizations still struggle with system and account management tools that have been designed for intra-organizational use and fail to handle cross-organizational requirements as imposed by Dynamic Virtual Organizations (DVOs). A critical...