As is the case for its local identities, an enterprise must be able to manage the federated identities used in transactions with employees, partners, and customers. Fundamentally, the enterprise must be able to create (and destroy) a federated identity, and specify what internal resources this federated identity can access.
The demands of federated identity management are consequently the same as for managing local identities within the enterprise boundary, complicated by the issues of interoperability and the privacy concerns inherent in the flow of identity data. Entrust delivers federated identity management via the Entrust GetAccess product suite.
Federated Identity Explained
As originally conceived, the Internet was anonymous. However, while still relevant, anonymity does not support using the Internet for commercial activity, where there is often a need to uniquely identify participants so that suppliers and customers can exchange goods and services and the appropriate parties can be billed. To address this requirement, Internet identity systems have emerged, ranging from those maintained by merchants to support their B2C transactions to those established within enterprises for employees.
These identity systems are generally not interoperable: identity information held in one system is not generally consumable by another. This lack of interoperability inhibits many emerging business scenarios, including businesses joining together to provide affiliated services to consumers, and collaborations and B2B transactions among business partners.
Federated identity addresses this interoperability issue and enables organizations to share trusted identities across the boundaries that separate them. The details and complexity of each organization's identity system are hidden from the other through standards for XML messaging. The OASIS SAML TC, the Liberty Alliance, and WS-Federation are current proposals for these standards.