Standards emerge Standards evolution Where standards converge Three Liberty standards What about Shibboleth? A logical view of SAML 1.x

Federation is the dominant trend in identity management. But many users still aren't sure what federated ID management is, how it can benefit them or how they can implement it as part of the evolving new data center architecture.

Essentially, federated ID management is a result of the modern world of distributed network services and refers to establishing trust relationships among decentralized security and policy domains. With a federated ID environment, a layer of abstraction is implemented over legacy identity and security domains. Using standardized methods, each domain can share its local identity and security information while retaining its own internal directory, metadirectory, account provisioning and public-key infrastructure services.

Many IT professionals have heard of federated ID initiatives such as the Security Assertion Markup Language (SAML), Liberty Alliance and WS-Federation, but aren't clear on whether, how and to what extent these specifications overlap or complement one another. They wonder whether the technology is ready to use in their new data center architectures. Rest assured, federated ID deployment is growing rapidly, delivering solid benefits for pioneers even as standards makers work to ease the way toward tomorrow's implementations.

Standards emerge

The primary federated ID standards vying for a place in your infrastructure are SAML 1.1, Liberty Alliance Identity Federation Framework 1.2 (ID-FF) and Identity Web Services Framework 1.0 (ID-WSF), and WS-Federation 1.0.

While implementing custom-built federated ID environments also is possible, such interfaces aren't easily extensible to new partners and applications. That's what one multinational financial services firm found when it built a federated business-to-business ID environment using a proprietary approach. The firm's federated ID environment, built three years ago, lets employees log on to an internal employee portal and, through that site, access partner Web sites. They do so on a single sign-on (SSO) basis.

"With [the emergence of] SAML, we've gotten push back from external partners because our federation approach is proprietary. That has spurred us to implement SAML, which has come up as a top priority," says a project leader for Web services security at the firm who asked not to be named.

Whitepapers

• The Trend from UNIX to Linux in SAP(r) Data Centers
• Secure Wireless Printing Options
• Getting in Compliance With Government Data Regulations By Leveraging Online Security Technology
• How to Offer the Strongest SSL Encryption
• Maximizing Site Visitor Trust Using Extended Validation SSL
• The Latest Advancements in SSL Technology

View more SOFTWARE whitepapers

Webcasts

• Managing the End User Experience-A Real World Example of Success
• Lowering the Cost of Email Archives
• Google Webcast: Why archive email? Top challenges and best practices
• High Availability for SQL Server 2005 Using Array-Based Replication and Host-Based Mirroring Technologies
• Technical Overview of Exchange Server 2007 with HP Servers and Storage
• Bringing Order and Security to your Mobile Workforce: Corporate Mobility Policy and Device Management On-Demand

View more SOFTWARE webcasts

Special Reports

• WAN Optimization: The Ultimate No Brainer
• Keeping Spam at Bay
• Application Performance Management Executive Guide
• Executive Guide: Building a Service Oriented Architecture
• Executive Guide: Virtualization Reality Check
• IT Buyers Guide To: Collaboration

View more SOFTWARE special reports