FIM is an arrangement for managing identities and access to resources that span companies or security domains. It avoids identity replication and security administration at multiple locations. It provides an easy way of managing identities and providing them with access to information and services in a trusted manner. In a federated system, a group of organizations share identity attributes based on mutual trust and agreed-upon standards, facilitating authentication from other members of the federation and granting appropriate access to online resources. For companies deploying service-oriented architecture (SOA) and Web services, FIM provides policy-based integrated security management for federated Web services. The foundation of FIM is trust, integrity and privacy of data.
How does it work?
Take a federation scenario in which an Airlines Company (Identity Provider) has contracted with a Hotel Company (Service Provider) to provide a discounted hotel booking service to its customers.
In the absence of federation, an Airlines Company customer who needs to book a hotel has to set up a separate login at the Hotel Company's web site, and has to remember a separate user ID and password each time he logs in to the Hotel Company's site. If the customer is no longer in business with the Airlines Company, the Airlines Company would have to notify the Hotel Company to cancel his account; otherwise the customer would still be able to log in there and enjoy the discount benefit.
With federated identity management in place between the two firms, the first time the customer visits the Hotel site, the following would happen:
First, the customer would log into the Airlines Company's portal, using the Airlines Company's username and password or some other form of authentication.
The customer would click the link for the Hotel Company portal page.
Instead of displaying a login page, the Hotel Company website redirects the customer back to the Airlines portal, requesting authentication.
Because this is the first time the customer has tried to access the Hotel Company site, the Airlines portal asks for the customer's permission (opt-in) to use his identity with the Hotel Company website. The customer clicks yes.
The Airlines Company's portal sends the customer back to the Hotel Company web site, with authentication information attached.
Behind the scenes, the Hotel portal verifies the authentication data transmitted to it.
The customer is granted access to the page he originally requested, without having to log in separately.
Because the service provider is not maintaining its own user accounts for external users, federated identity management transfers the responsibility for identity management (and the resulting cost) to identity providers who are better positioned to fulfill that responsibility. If a user leaves the identity provider organization, the service provider's request for authentication will fail, and the user can no longer access the service provider, all without any maintenance on the service provider's part.
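The verification step the Hotel portal performs, and the way a removed user fails at the identity provider, can be sketched as follows. This is an added example, not intiGrow's or IBM's code: the URLs, key, user name and function names are constructed, and a shared HMAC key stands in for the identity provider's signature (real federations typically sign with the identity provider's private key).

```python
import base64, hashlib, hmac, json

# Constructed values; an HMAC key stands in for the IdP's signing key.
TRUST_KEY = b"constructed-demo-key"
IDP = "https://idp.airline.example"
SP = "https://sp.hotel.example"
ACTIVE_USERS = {"alice"}   # the IdP's own directory; the SP keeps no accounts
SEEN_IDS = set()           # SP-side cache of assertion ids already accepted

def idp_issue(user, audience, now, ttl=300, assertion_id="a1"):
    """IdP side: sign a short-lived assertion, or return None for a removed user."""
    if user not in ACTIVE_USERS:
        return None
    claims = {"iss": IDP, "aud": audience, "sub": user,
              "id": assertion_id, "iat": now, "exp": now + ttl}
    body = base64.urlsafe_b64encode(json.dumps(claims, sort_keys=True).encode())
    sig = hmac.new(TRUST_KEY, body, hashlib.sha256).hexdigest()
    return body.decode() + "." + sig

def sp_verify(token, now):
    """SP side: return the subject if every check passes, else raise ValueError."""
    try:
        body, sig = token.split(".")
    except (AttributeError, ValueError):
        raise ValueError("malformed assertion")
    expected = hmac.new(TRUST_KEY, body.encode(), hashlib.sha256).hexdigest()
    # Check the signature before parsing anything the sender controls.
    if not hmac.compare_digest(sig.encode(), expected.encode()):
        raise ValueError("bad signature")
    claims = json.loads(base64.urlsafe_b64decode(body))
    if claims["iss"] != IDP:
        raise ValueError("untrusted issuer")
    if claims["aud"] != SP:           # assertion was minted for another partner
        raise ValueError("wrong audience")
    if not claims["iat"] <= now < claims["exp"]:
        raise ValueError("expired or not yet valid")
    if claims["id"] in SEEN_IDS:      # a captured assertion cannot be reused
        raise ValueError("replayed assertion")
    SEEN_IDS.add(claims["id"])
    return claims["sub"]
```

The short validity window is what makes removal at the identity provider take effect at the service provider without any account cleanup there: once the last issued assertion expires, no new one can be obtained.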
How does it benefit your organization?
- Reduced administration and provisioning costs: Rather than having to enroll third-party users into a company's internal identity systems, federated identity management enables IT service providers to offload the cost of user administration to their business partner companies.
- Increase productivity by granting faster and easier access to applications and information to users, partners, and employees across the domains of participating organizations, while maintaining secure access to your company resources.
- Reduce help desk costs, and the costs of maintaining and administering individual, business partner and user identities, through secure delegation and self-service of identity information and reduced expense of password resets.
- Expand the business reach of service providers, creating revenue-generating opportunities.
- Fine-grained security: Makes it easier for business organizations to more effectively grant fine-grained access to users and businesses, and to promptly terminate inactive accounts of ex-contractors and partners, alleviating a major source of security attacks.
- Improve business compliance by helping to reduce security exposure.
- Speeds and eases deployment since the components of the solution are based on commonly accepted standards and interfaces, eliminating the need to develop to myriad integration points.
- Simplify administration of security in cross-enterprise business.
- Interoperability: Provides for more secure, more seamless interoperability between applications and systems, through standards-based identity federation.
- Minimizes deployment lags since participating organizations don't have to agree on the same technology and solution at each point of their network, but rather have a common plan from the beginning.
- Helps service providers to set up new systems that interoperate and integrate with existing systems, minimizing system and customer downtime.
Are you ready for a Federated Identity Management solution?
For organizations that require security-rich, controlled access, intiGrow brings you the best FIM solution by using industry-standard tools like IBM Tivoli® Federated Identity Manager, combined with our expertise in Federated Identity & Access Management and our system integration skills. Our proven methodology and systematic business process engineering are applied to devise high-quality, timely solutions for specific business and technology needs. Our analysts and engineers partner with your IT staff to share knowledge and increase insight into the interdependencies and interrelationships required to quickly deliver the business results you need.
Our offerings and services are designed to protect assets and information from unauthorized access without affecting business productivity. intiGrow's solutions for Federated Identity and Access Management can help companies to greatly expand their service offerings and improve the user experience. It also enables companies to address their enterprise security needs while supporting compliance and business requirements.
How do we do it?
IBM Tivoli® Federated Identity Manager:
IBM Tivoli® Federated Identity Manager is the ideal tool for successful Federated Identity Management. Built especially for small-to-midsize organizations, this powerful business integration software uses open standards to bring together customers, partners and suppliers — with a single, easy-to-deploy application that provides a smooth migration pathway to an enterprise-level application.
Are you ready to take up intiGrow's challenge for FIM?
Organizations fearing their FIM project will run over budget and over time may care to take up the challenge of intiGrow, which is now offering a tailor-made FIM solution that suits specific business and technology needs. To learn more, contact intiGrow.