An integrated approach to federated identity and privilege management in open systems

Federated identity and privilege management is the key to seamless and secure enterprise integration and collaboration on the Web. The development of Web-based federated identity solutions has advanced more rapidly compared to Web-based privilege management mechanisms. Both are cornerstones of an access management framework and critical to the effectiveness of the overall mechanism. An integrated approach to federated identity and privilege management specifically designed for Web-based platforms, which satisfy several requirements including, single sign-on (SSO), effective access control, and decentralized model. The concept behind federated identity and privilege management mechanisms is motivated by the classical authentication and authorization protocols. A basic requirement for authorization model is that it must satisfy its suitability to Web-based applications. Future challenges include integrating specification with existing directory schemes to support property-based credentials.