Identity Toolkit

A one stop site for all your IAM queries


Sunday, February 7, 2010

Federation : The Empire Strikes Back



What is Federation?
Let us first discuss the challenges of identity silos.
Enterprise IAM suites provide a tightly coupled integration with managed resources.
This is better than having independent IDs on individual systems, but it falls short of the ideal solution, in which a unified identity can be maintained outside the enterprise domain.

With online communities enabling an increasingly collaborative environment, there is a need for a loosely coupled system that provides a way to identify users across domains that collaborate frequently.

This is what Federation addresses.
So, to summarize technically, federation is:
1. A set of technical, legal, and operational agreements that facilitate distributed identification, authentication and authorization across boundaries (security, departmental, organizational or platform).
2. A model based upon trust, in which user identities and security are individually managed and distributed by the service providers or member organizations.
3. An arrangement in which each individual organization is responsible for vouching for the identity of its own users, and the users are able to transparently interact with other trusted partners based on this first authentication.

The figure below depicts a typical Federated environment:
