Home > Ask the Security Experts > Identity Management and Access Control Questions & Answers > How do local identity, SSO and federated identity management models differ?
Ask The Security Expert: Questions & Answers
EMAIL THIS

How do local identity, SSO and federated identity management models differ?

Joel Dubin, past SearchSecurity.com expert EXPERT RESPONSE FROM: Joel Dubin, past SearchSecurity.com expert

Pose a Question
Other Security Categories
Meet all Security Experts
Become an Expert for this site


Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   


>
QUESTION POSED ON: 04 November 2006
I've heard a lot about the local identity model as it relates to identity management, but I am still unclear on what it does. Can you please explain how it works and briefly tell me how it compares to a federated identity management model?


BROWSE BY TAG
Identity Management and Access Control,   Enterprise Single Sign-On (SSO),   Enterprise Identity and Access Management,   User Authentication Services,   Security Token and Smart Card Technology,   Expert Archive: Identity Management and Access Control,   VIEW ALL TAGS

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us   



RELATED CONTENT
Identity Management and Access Control
Is Identity Management as a Service (IDaaS) a good idea?
How to log in to multiple servers with federated single sign-on (SSO)
How to confirm the receipt of an email with security protocols
Learn about enterprise strategy for server virtualization single sign-on
Employee information security awareness training for new IAM systems
Can you combine RFID tag technology with GPS to track stolen goods?
Is there a free enterprise-caliber password-management tool?
Cryptosystem attacks that do not involve obtaining the decryption key
Can any firm or organization get a digital signature certificate?
Should the CTO have domain administrator access?

Enterprise Single Sign-On (SSO)
How to log in to multiple servers with federated single sign-on (SSO)
Security on a budget: How to make the most of authentication tools
Best Identity and Access Management Products
Changing times for identity management
Kerberos configuration as an authentication system for single sign-on
How to use single sign-on for Web access control to prevent malware
Learn about enterprise strategy for server virtualization single sign-on
Enterprise single sign-on: Easing the authentication process
Exploring authentication methods: How to develop secure systems
User provisioning and SSO for PeopleSoft- and Unix-based products
Enterprise Single Sign-On (SSO) Research

Security Token and Smart Card Technology
First Data, RSA push tokenization for payment processing
How to log in to multiple servers with federated single sign-on (SSO)
Best Authentication Products
Are 'strong authentication' methods strong enough for compliance?
Risk management must include physical-logical security convergence
RSA researcher Ari Juels: RFID tags may be easily hacked
Portable security storage device could replace OTP devices
Can you combine RFID tag technology with GPS to track stolen goods?
Security token and smart card authentication
Embedded smart card chips are open to hack attacks

RELATED GLOSSARY TERMS
Terms from Whatis.com − the technology online dictionary
onboarding and offboarding  (SearchSecurity.com)
single sign-on  (SearchSecurity.com)

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary


The local identity model, as the name implies, refers to authentication of a local system only. Federated identity management, on the other hand, allows users to log on to different systems across different domains, like those of various companies, enterprises or suppliers.

A close relative of federated identity management is single sign-on (SSO). In many organizations, users have several applications that they need to log on to, each requiring distinct user IDs and passwords. SSO allows a user to sign on once with a single user ID and password, and still have access to these different systems.

The difference between SSO and federated identity is subtle. SSO unifies access management for disparate systems within an organization. Federated identity does the same, but across different organizations. In a sense, federated identity is SSO across company boundaries.

Federated identity is meant to be a more efficient way to access similar systems used by different enterprises. A bank, for example, might issue one-time password (OTP) tokens for customers looking to log on to its Web site. If several banks use these security devices, an individual user could have a pocketful of tokens. Federated identity is meant to circumvent such a hassle, and customers would only need one token for several banks.

Federated identity management is still in its infancy, and many organizations are skeptical of the authentication concept. Besides the technical issues of creating a centralized directory structure, there are the issues that come with sharing authentication information among competing organizations. This has probably been the biggest stumbling block to date.

Initiatives, however, are still continuing with such efforts as Liberty Alliance Project, Security Assertion Markup Language (SAML) Web Services Federation Language (WS-Federation) and the open source project SourceID.

More information:

  • Learn more about federated identity management.
  • Find out how SSO affects compliance efforts.

    		•



    Search and Browse the Expert Answer Center
    Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.
    Browse our Expert Advice



    Find Security Solutions for Your Business
    TechTarget Security Media
    Information Security View this month\\'s issue and subscribe today.
    Information Security Decisions Apply online for free conference admission.
    		SearchSecurity.com
    HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
    SEARCH :     Site Index Powered by: Search Powered by Google

    About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
    TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

    TechTarget Corporate Web Site  |  Media Kits  |  Site Map




    All Rights Reserved, Copyright 2003 - 2009, TechTarget | Read our Privacy Policy     		  TechTarget - The IT Media ROI Experts