Authenticate a user in multiple ways, e.g.Thus, at the next level, the key things one wants an Identity Provider to do are also listed in the marketing material for various IdPs: The IdP is in the middle and must support at least those combinations that the customer needs. Active Directory, LDAP, RADIUS, Tivoli Directory, etc. A user’s corporation may insist on the integration of a particular name service, e.g. Some applications want strong authentication, some use only certain protocols or data formats, etc. It is not unusual for an IdP to advertise “thousands” of applications. When you see a commercial IdP advertised, usually the first marketing statement is the number of “applications” it supports, and of course, there are a few big ones like, Office 365, and Google Apps that are essential. Inside a federation of multiple Service Providers, multiple corporations of users, multiple types of name directories, and multiple Identity Providers, what makes for a good Identity Provider? More generally, in the context of the federation, what makes for a good Identity Management System?Īt the highest level, users want unfettered (and secure) access to lots of Service Providers (SPs). Throw in privacy concerns and bad actors who steal and misuse identities, the computing industry has a serious identity problem. As we’ve discussed before, a username and password for each combination of device, context, resource is a totally unmanageable situation from many perspectives. In addition each individual user may have several security contexts from which authentication is needed for example, the user’s company, personal use, charitable organization, little league sports team, etc. A user most likely has multiple devices from which such access is needed from multiple locations around the world. public clouds, public backup systems, public SaaS applications, and other services. Any given user needs to access several public, multi-tenant resources on the Internet, e.g. Within a corporation there are multiple users that have multiple roles. ![]() ![]() The identity management problem is complex and getting more and more complex as the Internet evolves.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |