Issue No. 02 - March/April (2008 vol. 6)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2008.50
Eve Maler , Sun Microsystems
Drummond Reed , Cordance Corporation
Digital identities can be associated with everything from people to software applications to entire companies, but human digital identities prove the most interesting and challenging. Human digital identities can simplify network usage and enable new classes of applications, but they also introduce security and privacy risks. Federated identity management addresses scenarios in both enterprise and consumer contexts by defining how to dynamically distribute identity information and delegate identity tasks across security domains. This article explains federated identity's components, discusses security and privacy risks and architectural challenges, surveys the SAML, OpenID, and InfoCard protocols, and reviews new developments in federated identity management.
digital identity, federated identity management, access control, security and privacy, user authentication, distributed identity management, SAML, OpenID, InfoCard, Cardspace
D. Reed and E. Maler, "The Venn of Identity: Options and Issues in Federated Identity Management," in IEEE Security & Privacy, vol. 6, no. , pp. 16-23, 2008.