Q

What is federated identity management?

A SearchSecurity.com member asks, "What is federated identity management?" Resident identity management and access control expert Joel Dubin tackles this question in this Ask the Expert Q&A.

Federated identity management is the unification of different authentication systems, so users can log on to different systems using the same authentication credentials. This sounds a lot like single sign-on (SSO) systems, where users log on to multiple systems with a single user ID and password and the SSO system manages access to each application from there.

SSO is only one type of federated ID management. There are other more notable systems, such as one-time password (OTP) tokens. OTPs are gaining popularity as a two-factor authentication method for financial Web sites that need to comply with the Federal Financial Institutions Examination Council (FFIEC) directive, which states that all financial Web sites that participate in high-risk transactions must use two-factor authentication to secure customer information.

An OTP token generates a random PIN number every 30 or 60 seconds, which the user enters in addition to their user ID and password to log on to a system, like a Web site. The OTP provides an extra layer of protection, as it's nearly impossible to crack that ever-changing PIN number. Therefore, even if the user ID and password are stolen or sniffed off the network, the OTP still blocks access, malicious or otherwise.

If the OTP's popularity continues to increase, customers could find themselves carrying a key ring full of tokens, one for each of their banks, credit cards or other financial Web sites. The goal of federated identity management is to stop that. In an ideal world, users would carry one token to access all their systems, no matter who ran them.

Federated ID management is still in its infancy. It's been slow to take off, partly because competing companies and financial institutions would have to agree on a unified standard and IT architecture for such a system. There are initiatives in progress, some working to create standards across different companies. Two of the most famous are the Microsoft Passport initiative and the Liberty Alliance. IBM is also developing one for the private sector and OASIS is developing a federated identity solution for Web services.
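The OTP check described above can be sketched as follows. This is an added example, not code from the original answer, and it assumes the token implements the open time-based algorithm (TOTP, RFC 6238) with a 30-second step and six digits; the answer does not name an algorithm, and `LoginVerifier` and its parameters are hypothetical names.

```python
import hashlib
import hmac
import struct

STEP = 30    # seconds per code; the answer mentions 30- or 60-second tokens
DIGITS = 6   # assumed code length


def totp(secret: bytes, unix_time: int) -> str:
    """Code the token displays during the time step containing unix_time."""
    counter = struct.pack(">Q", unix_time // STEP)
    digest = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = digest[-1] & 0x0F  # dynamic truncation, RFC 4226
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class LoginVerifier:
    """Server side: password check plus OTP check with replay protection."""

    def __init__(self, password: str, salt: bytes, secret: bytes, drift: int = 1):
        self.salt, self.secret, self.drift = salt, secret, drift
        self.pw_hash = hash_password(password, salt)
        self.last_step = -1  # newest time step already used for a login

    def login(self, password: str, code: str, now: int) -> bool:
        pw_ok = hmac.compare_digest(hash_password(password, self.salt), self.pw_hash)
        current = now // STEP
        matched = None
        # Accept the current step and `drift` steps either side (clock skew),
        # but never a step at or before one that has already been accepted.
        for step in range(max(0, current - self.drift), current + self.drift + 1):
            expected = totp(self.secret, step * STEP)
            if step > self.last_step and hmac.compare_digest(expected.encode(), code.encode()):
                matched = step
        if pw_ok and matched is not None:
            self.last_step = matched
            return True
        return False
```

Tracking `last_step` is what makes a code sniffed off the network useless once the legitimate login has gone through, even inside the same 30-second window.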

This was first published in July 2006.
