01:00 AM
Making ID Management Manageable

Want to avoid an identity-management crisis? Build a federated-identity infrastructure, where a user's authenticated ID is shared across multiple domains or online businesses.

A federated ID model lets a user authenticate with one company or Web site, and get personalized content and services from any of the federated organizations in that "circle of trust." In other words, a financial services company and an online retailer, for instance, can share a customer's ID information during a transaction, rather than each having to store and manage separate credentials for each user account.

To really understand the Liberty Alliance's federated-security model, you first have to comprehend the alliance's jargon. A network identity is the conglomeration of your personal information--the bits and bytes that represent you in a myriad of databases scattered around the world. It can include your name, user name, phone number, Social Security number, medical records, and identifying numbers from your driver's license, passports and employee ID. It also may include personal preferences such as your airline seating habits, musical tastes, cell phones and wireless e-mail devices.

One Sign-On Fits All

With a federated network ID, a user's multiple network identities from different accounts--with an airline and a car-rental agency, for instance--are linked, not stored at one site. This is the beginning of the single sign-on paradigm for the Internet. An employee could book a flight with an airline and reserve a car with a rental agency without having to sign on and reauthenticate with the rental company site separately. This federated ID model offers business partners and employees more personalized online service, as well as more security and control over which personal information is used.

It works like employee provisioning and single sign-on systems, which reconcile disparate user names for an individual across various corporate systems. If a user authenticates as jsmith to the corporate domain, for example, but logs on to the HR system as John.Smith, a federated network recognizes that both IDs are tied to the same person. It can then log John Smith on to the HR system from the corporate domain automatically, and he doesn't have to log on to the HR system separately.
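
The account linking described above, sketched as an added example that is not from the original article or the Liberty Alliance specifications. Assumptions: a pre-shared HMAC key stands in for the signed assertions of a real federation protocol, one in-memory table stands in for the link records each domain would keep itself, and the function names and the domain labels `corp` and `hr` are hypothetical.

```python
import hashlib
import hmac
import json
import secrets
import time

# Constructed sample setup; only the account names come from the article.
TRUST_KEY = secrets.token_bytes(32)   # assumed key shared inside the circle of trust
LINKS = {}                            # opaque handle -> {domain: local account name}


def federate(accounts):
    """Link one person's local accounts under a random handle that reveals no name."""
    handle = secrets.token_hex(16)
    LINKS[handle] = dict(accounts)
    return handle


def issue_assertion(handle, audience, ttl=300, now=None):
    """Authenticating domain: vouch for `handle` to one named relying domain."""
    now = time.time() if now is None else now
    body = json.dumps({"sub": handle, "aud": audience, "exp": now + ttl},
                      sort_keys=True).encode()
    tag = hmac.new(TRUST_KEY, body, hashlib.sha256).hexdigest()
    return body, tag


def accept_assertion(body, tag, my_domain, now=None):
    """Relying domain: return the local account to log on, or None if rejected."""
    now = time.time() if now is None else now
    expected = hmac.new(TRUST_KEY, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, tag):
        return None                    # forged or modified in transit
    claims = json.loads(body)
    if claims["aud"] != my_domain or claims["exp"] < now:
        return None                    # issued for another site, or expired
    return LINKS.get(claims["sub"], {}).get(my_domain)


if __name__ == "__main__":
    h = federate({"corp": "jsmith", "hr": "John.Smith"})
    body, tag = issue_assertion(h, "hr")
    print(accept_assertion(body, tag, "hr"))      # local HR account of the same person
    print(accept_assertion(body, tag, "travel"))  # rejected: wrong audience
```

The assertion carries only the opaque handle, so neither local user name crosses the domain boundary, and the audience and expiry checks keep an assertion issued for one site from being replayed at another.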
