Abstract

An efficient identity management system has become one of the fundamental requirements for ensuring safe, secure, and transparent use of identifiable information and attributes. Federated Identity Management (FIdM) allows users to distribute their identity information across security domains, which increases the portability of their digital identities, and it is considered a promising approach to facilitate secure resource sharing among collaborating participants in heterogeneous IT environments. However, it also raises new architectural challenges and significant security and privacy issues that need to be mitigated. In this paper, we provide a comparison between FIdM architectures, present the limitations and risks in FIdM systems, and discuss the results and proposed solutions.

Highlights

  • Federated Identity Management (FIdM) is a concept that helps to link a user's digital identities and attributes stored on several sites

  • This work discusses the notion of identity federation and compares FIdM architectures such as Liberty Alliance, Security Assertion Markup Language (SAML) v2.0, WS-Federation, and Shibboleth

  • In a federated identity management system, the user might have one or more local identities issued by service providers (SPs), in addition to a single identity issued by the identity provider (IdP) within a specific domain called a circle of trust (CoT)

Summary

INTRODUCTION

Federated Identity Management (FIdM) is a concept that helps to link a user's digital identities and attributes stored on several sites. It allows cooperation on identity processes, policies, and technologies among various domains to simplify the user experience. It has limitations that present several security and privacy risks, because valuable information is shared across domains in the FIdM using loosely coupled network protocols. In this paper, we present the limitations of Federated Identity Management based on how they affect the user.

Identity
Identity Management
IDENTITY FEDERATION
Liberty alliance
Shibboleth
WS-Federation
Other Architectures
RELATED WORKS
LIMITATIONS
Privacy
IdP discovery
Lack of attribute-aggregation support
Complexity for The User
Security
Revocation
DISCUSSION AND RESULTS
CONCLUSIONS
