Federated Identity Management

Federated Identity Management (FIM) is an arrangement for managing identities and access to resources that span companies or security domains. It avoids identity replication and security administration at multiple locations. It provides an easy way of managing identities and providing them with access to information and services in a trusted manner. In a federated system, a group of organizations share identity attributes based on mutual trust and agreed-upon standards, facilitating authentication from other members of the federation and granting appropriate access to online resources. For companies deploying service-oriented architecture (SOA) and Web services, FIM provides policy-based integrated security management for federated Web services. The foundation of FIM is trust, integrity and privacy of data.

How It Works

Consider a federation scenario in which an Airline Company (Identity Provider) has contracted with a Hotel Company (Service Provider) to provide a discounted hotel booking service to its customers.

In the absence of federation, the customer of the Airline Company needs to set up a separate login at the Hotel Company's web site, and he has to remember a separate user ID and password each time he logs in to the Hotel Company's site. The Airline Company and the Hotel Company would have to trade lists of accounts and manually update each other quite frequently.

With federated identity management in place between the two firms, the first time the customer visits the Hotel site via the Airline's site, the following would happen:

  1. First, the customer would log into the Airline Company's portal, using the Airline Company's username and password and some form of authentication.
  2. The customer would click the link for the Hotel Company portal page.
  3. Instead of displaying a login page, the Hotel Company website redirects the customer back to the Airline's portal, requesting that the customer authenticate.

Because this is the first time the customer has tried to access the Hotel Company site from the Airline's site, the Airline's site asks the customer for permission (i.e. opt-in) to use his identity with the Hotel Company website. The customer clicks "yes." The Airline Company's portal sends the customer back to the Hotel Company website, with authentication information attached. Behind the scenes, the Hotel portal verifies the authentication data transmitted to it. The customer is granted access to the page he originally requested, without having to log in separately. Subsequent visits to the Hotel site from the Airline's site (optionally) eliminate any need for the customer to log into the Hotel Company's site at all. This makes for greater value to the customer.

Because the service provider (Hotel Company) is not maintaining its own user accounts for Airline Company users, federated identity management transfers the responsibility for identity management (and the resulting cost) to the identity providers, who are better positioned to fulfill that responsibility. If a user leaves the identity provider organization, the request for authentication at the service provider will fail, and the user can no longer access the service provider. All this is done without any maintenance on the service provider's part.
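The exchange in the steps above, and the deprovisioning behaviour just described, can be sketched as follows. This is an added example, not intiGrow's code or any product's API: the URLs, account data, key and function names are constructed, and an HMAC over a shared key stands in for the public-key signature that standards such as SAML or OpenID Connect use.

```python
import base64, hashlib, hmac, json, time

# Constructed demo values. HMAC with a shared key stands in for the IdP's
# public-key signature (SAML XML-DSig / OIDC JWT) to stay standard-library only.
FEDERATION_KEY = b"constructed-demo-key"
IDP = "https://airline.example/idp"
SP = "https://hotel.example/sp"
AIRLINE_ACCOUNTS = {"alice": {"active": True, "consented": {SP}}}

def _sign(body: bytes) -> bytes:
    return hmac.new(FEDERATION_KEY, body, hashlib.sha256).hexdigest().encode()

def idp_issue(user, audience, now=None):
    """Airline side: assert identity only for an active, opted-in account."""
    acct = AIRLINE_ACCOUNTS.get(user)
    if not acct or not acct["active"] or audience not in acct["consented"]:
        return None
    now = int(time.time()) if now is None else now
    claims = {"iss": IDP, "aud": audience, "sub": user, "exp": now + 300}
    body = base64.urlsafe_b64encode(json.dumps(claims).encode())
    return (body + b"." + _sign(body)).decode()

def sp_verify(token, now=None):
    """Hotel side: return the subject if the assertion is acceptable, else None."""
    if not token or token.count(".") != 1:
        return None
    body, sig = (part.encode() for part in token.split("."))
    if not hmac.compare_digest(sig, _sign(body)):   # integrity first
        return None
    claims = json.loads(base64.urlsafe_b64decode(body))
    now = int(time.time()) if now is None else now
    if claims.get("iss") != IDP:        # must come from the trusted IdP
        return None
    if claims.get("aud") != SP:         # must be addressed to this SP
        return None
    if claims.get("exp", 0) <= now:     # short lifetime limits replay
        return None
    return claims["sub"]

if __name__ == "__main__":
    print(sp_verify(idp_issue("alice", SP)))
```

An assertion that has already been issued stays acceptable until its `exp` time, so the lifetime (300 seconds here, a constructed value) bounds how long a token issued just before deprovisioning can still be used.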

FIM Results in Benefits to Your Organization

  • Increased Revenue: FIM makes integrations with trading partners easier for customers. With a simple click on a partner offering on your website, the customer completes related transactions with greater ease. This increases customer satisfaction, repeat use, and sales.
  • Faster Time to Market: Federation allows you to rapidly integrate trading and partnership agreements into available offerings.  You can extend existing marketing themes to new targets, and rapidly add revenue-generating offers to your website.
  • Reduced Administration and Provisioning Costs: Rather than having to enroll third-party users into a company's internal identity systems, federated identity management enables IT service providers to offload the cost of user administration to their business partner companies.


  • Enables you to set up new systems that interoperate and integrate with existing systems, minimizing system and customer downtime.
  • Quickly expands your ability to create revenue-generating opportunities.
  • Increases productivity by granting faster and easier access to applications and information to users, partners, and employees across the domains of participating organizations, while maintaining secure access to your company resources.
  • Reduces help desk, maintenance and administration costs for individual, business partner and user identities through secure delegation and self-service of identity information and the reduced expense of password resets.
  • Fine-grained security: Makes it easier for business organizations to grant fine-grained access to users and businesses more effectively, and to promptly terminate inactive accounts of ex-contractors and partners, alleviating a major source of security attacks.
  • Improves business compliance by helping to reduce security exposure.
  • Speeds and eases deployment since the components of the solution are based on commonly accepted standards and interfaces, eliminating the need to develop to myriad integration points.
  • Simplifies administration of security in cross-enterprise and cross-domain business.
  • Interoperability: Provides for more secure, more seamless interoperability between applications and systems, through standards-based identity federation.
  • Minimizes deployment lags since participating organizations don't have to agree on the same technology and solution at each point of their network, but rather have a common plan from the beginning.

Are You Ready for a Federated Identity Management Solution?

For organizations that require security-rich, controlled access, intiGrow brings you FIM solutions. You will need an assessment to identify business requirements and IT requirements, a choice of industry-standard software, and our expertise in Federated Identity & Access Management with system integration skills. Our proven methodology and systematic business process engineering result in high-quality, timely capabilities for specific business and technology needs. Our analysts and engineers partner with your IT and line-of-business staff to share knowledge and increase insight into the interdependencies and interrelationships required to quickly deliver the business results you need.

Our offerings and services are designed to protect assets and information from unauthorized access without affecting business productivity. intiGrow's solutions for Federated Identity and Access Management can help companies to greatly expand their service offerings and improve the user experience. They also enable companies to address their enterprise security needs while supporting compliance and business requirements.

Worried your FIM project will run over budget and over time?  Relax. Partner with intiGrow.  We will show you how quickly you can start leveraging IT Security for greater sales.  To learn more, fill out the "Contact Us" form on this page.