Word of the Day: federated identity management

Word of the Day Daily updates on the latest technology terms | July 1, 2019 federated identity management Federated identity management (FIM) is an authentication scheme that links a user's identity across multiple security domains, each of which supports its own identity management system. When two domains are federated, the user can authenticate to one domain and then access resources in the other domain without having to perform a separate login process. Single sign-on (SSO) is an important component of identity federation, but it is not the same as identity federation. In order for FIM to be effective, the partners must have a sense of mutual trust. Authorization messages between partners in an FIM system can be transmitted using Security Assertion Markup Language (SAML) or a similar XML standard that enables a user to log on once for affiliated but separate websites or networks. Identity federation offers economic advantages, as well as convenience, to enterprises and their network subscribers. For example, multiple corporations can share a single application, resulting in cost-savings and consolidation of resources. Examples of FIM systems include OpenID and OAuth, as well as Shibboleth, which is based on OASIS SAML. How federated identity management works Under identity federation, the user authenticates once through the home domain; when that user initiates sessions in other partner security domains, those domains trust the user's home domain in order to authenticate the user. Here is how FIM works: Users log in to their home network, authenticating through the home security domain. After they have authenticated to the home domain, users initiate an attempt to log in to a remote application that uses identity federation. Instead of authenticating directly with the remote application, that application requests the user's authentication from their home authentication server. The user's home authentication server authorizes the user to the remote application and the user is permitted to access the app. The user only needs to authenticate once, to the home domain; remote apps in other security domains that have agreed to cooperate are then able to grant access to the user without requiring an additional login process. Continue reading... Quote of the Day "Identity federation seeks to remove roadblocks that prevent users from easily accessing the resources they need when they need them." - Robert Sheldon Trending Terms identity management single sign-on SAML OpenID OAuth Learning Center Hybrid identity management could be a method to the madness A hybrid cloud migration strategy should include hybrid identity management, which can enable flexibility and security. That was a major theme at the recent Identiverse, a security and identity conference. Explore the pros and cons of identity federation management Identity federation management makes end users happy, but it can be complicated for IT teams. A thoughtful plan can ensure the transition is as smooth as possible. AtScale updates its data warehouse virtualization platform AtScale's data warehouse virtualization platform received an upgrade, dubbed AtScale 2019.1, which will extend support to include more databases with increased security and more deployment options. Federated identity management key to SaaS office and cloud-based UC Federated identity management allows users to log into multiple cloud-based UC services and SaaS office apps with a single user ID and password using SAML or OpenID. Here we cover how SAML supports identity federation for secure, single sign-on (SSO). What to know before implementing an IAM system Administrators can confidently select an IAM system if they prioritize what they need, understand the options and plan for the future. Learn how to select and implement an IAM product with these steps and considerations. Quiz Yourself _______ Active Directory enables single sign-on capabilities for Microsoft apps, such as Office 365 and Dynamics CRM. A. In addition, B. In addition Answer Stay in Touch For feedback about any of our definitions or to suggest a new definition, please contact me at: mrouse@techtarget.com Visit the Word of the Day Archives and catch up on what you've missed! FOLLOW US About This E-Newsletter This e-newsletter is published by the TechTarget network. To unsubscribe from Whatis.com, click here. Please note, this will not affect any other subscriptions you have signed up for. TechTarget, Whatis, 275 Grove Street, Newton, MA 02466. Contact: webmaster@techtarget.com Copyright 2018 TechTarget. All rights reserved.