Federated identity

A federated identity is a "summary" identity, one that combines identity information spanning multiple systems. Identity information is often kept and used in different systems. If, for example, Company A always orders its PCs from Company B, then the persons placing the orders and their roles are defined in Company A. Company B, however, determines which orders may be placed by which role. To process an order, identity information from both companies must be brought together. This information is usually exchanged with the aid of SAML.

The advantage of the "federated" approach to identity management in networked system environments such as the Internet is that the actual information always remains where it is. Instead of building huge centralized databases, federated identities only provide uniform data standards, on the basis of which information can be shared as needed.

To this end, the participants form "Circles of Trust" (trusted circles), whose members agree on technical standards and common organizational rules. A citizen who is equipped with the appropriate access rights (for example, with a digital signature) can move within this circle of trust without having to sign in and identify themselves each time. The information about what someone may and may not do remains stored in the respective systems of the individual circle members. The federated system is completely transparent, verifiable and meets the social demand for informational self-determination.
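
The division of labour described above (Company A states who the user is and which roles they hold; Company B decides what each role may order, and only for issuers inside its circle of trust), as an added example that is not part of the original article. Assumptions: the names company-a and company-b, the roles and the key are constructed, and an HMAC over JSON stands in for the signed SAML assertion a real deployment would exchange.

```python
import base64, hashlib, hmac, json, time

# Company B's circle of trust: issuer -> verification key (constructed values).
# Assumption: real SAML uses XML signatures and certificates, not a shared HMAC key.
TRUSTED_ISSUERS = {"company-a": b"constructed-demo-key-a"}
# Company B's own policy: which role may place which kind of order.
ORDER_POLICY = {"purchaser": {"pc"}, "it-manager": {"pc", "server"}}
AUDIENCE = "company-b"

def issue_assertion(issuer, key, subject, roles, audience, ttl=300, now=None):
    """Company A side: assert the user's identity and roles, nothing about orders."""
    now = time.time() if now is None else now
    claims = {"iss": issuer, "sub": subject, "roles": roles,
              "aud": audience, "exp": now + ttl}
    body = base64.urlsafe_b64encode(json.dumps(claims, sort_keys=True).encode())
    sig = hmac.new(key, body, hashlib.sha256).hexdigest()
    return body.decode() + "." + sig

def verify_assertion(token, now=None):
    """Company B side: accept claims only if signed by a trusted issuer,
    addressed to Company B, and not expired. Returns the claims or None."""
    now = time.time() if now is None else now
    try:
        body, sig = token.split(".")
        claims = json.loads(base64.urlsafe_b64decode(body))
    except ValueError:  # wrong shape, bad base64 or bad JSON
        return None
    if not isinstance(claims, dict):
        return None
    key = TRUSTED_ISSUERS.get(str(claims.get("iss")))
    if key is None:  # issuer is outside the circle of trust
        return None
    expected = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected.encode(), sig.encode()):
        return None
    if claims.get("aud") != AUDIENCE or claims.get("exp", 0) < now:
        return None
    return claims

def may_order(token, item, now=None):
    """Combine A's asserted roles with B's locally stored order policy."""
    claims = verify_assertion(token, now)
    if claims is None:
        return False
    return any(item in ORDER_POLICY.get(r, ()) for r in claims.get("roles", []))
```

Neither side copies the other's data: Company B never stores Company A's user list, and Company A never sees Company B's order policy.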

Federated identities are still perceived by many, even in the U.S., as a new and revolutionary concept. In fact, however, their implementation is already well advanced. Leading the effort is the so-called Liberty Alliance, a consortium of currently more than 150 major companies in the IT and telecommunications sectors on the one hand, and international, national and transnational organizations on the other.

The aim of the Liberty Alliance is not to create a uniform technical solution for federated identities. Rather, it intends to reach a consensus on standards and descriptions; each participant, whether a business or an administration, is then free to develop, deploy and distribute products and solutions based on these standards. Each participant can, however, assume that identities maintained and managed in its own system are recognized by the systems of the other participants, provided they adhere to the Liberty Alliance standards. Persons identified in this way can be recognized and authorized across multiple systems.

In practice, this means that a user who has been identified by a participating site that is regarded as trustworthy can access content and services without having to identify themselves each time. Since the user retains control over what information about them can be obtained by whom, and over which permissions and attributes are exchanged between the parties, the interests of data protection are served even better than is often the case in networked systems today. Federated identities thus contribute simultaneously to greater openness and security.
