On federated single sign-on in e-government interoperability frameworks

Abstract

We consider the problem of handling digital identities within service-oriented architecture (SOA) architectures. We explore federated, single sign-on (SSO) solutions based on identity managers and service providers. After an overview of the different standards and protocols, we introduce a middleware-based architecture to simplify the integration of legacy systems within such platforms. Our solution is based on a middleware module that decouples the legacy system from the identity-management modules. We consider both standard point-to-point service architectures, and complex government interoperability frameworks, and report experiments to show that our solution provides clear advantages both in terms of effectiveness and performance.