|
Identity Governance Framework
The Identity Governance Framework was a project of the Liberty Alliance for standards to help enterprises determine and control how identity information is used, stored, and propagated using protocols such as LDAP, SAML, and WS-Trust and ID-WSF. Purpose The Identity Governance Framework (IGF) enables organizations to define policies that regulate and control the exchange of identity information between application systems both internally and with external partners. Identity information may include things like names, addresses, social security numbers or other information that would be otherwise considered related to an individual's identity. The policy information is both useful to privacy auditors for assessing the use of identity information in applications and to policy enforcement systems for ensuring that appropriate use of identity information takes place. History IGF was originally announced by Oracle iNovember, 2006as a joint initiative between CA, HP, Layer 7 Technologies, ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Liberty Alliance
The Liberty Alliance Project was an organization formed in September 2001 to establish standards, guidelines and best practices for identity management in computer systems. It grew to more than 150 organizations, including technology vendors, consumer-facing companies, educational organizations and governments. It released frameworks for federation, identity assurance, an Identity Governance Framework, and Identity Web Services. By 2009, the Kantara Initiative took over the work of the Liberty Alliance. History The group was originally conceived and named by Jeff Veis, at Sun Microsystems based in Menlo Park, California. The initiative's goal, which was personally promoted by Scott McNealy of Sun, was to unify technology, commercial and government organizations to create a standard for federated, identity-based Internet applications as an alternative to technology appearing in the marketplace controlled by a single entity such as Microsoft's Passport. Another Microsoft in ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
LDAP
The Lightweight Directory Access Protocol (LDAP ) is an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network. Directory services play an important role in developing intranet and Internet applications by allowing the sharing of information about users, systems, networks, services, and applications throughout the network. As examples, directory services may provide any organized set of records, often with a hierarchical structure, such as a corporate email directory. Similarly, a telephone directory is a list of subscribers with an address and a phone number. LDAP is specified in a series of Internet Engineering Task Force (IETF) Standard Track publications called Request for Comments (RFCs), using the description language ASN.1. The latest specification is Version 3, published aRFC 4511ref name="gracion Gracion.com. Retrieved on 2013-07-17. (a road map to the ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Security Assertion Markup Language
Security Assertion Markup Language (SAML, pronounced ''SAM-el'', ) is an open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. SAML is an XML-based markup language for security assertions (statements that service providers use to make access-control decisions). SAML is also: * A set of XML-based protocol messages * A set of protocol message bindings * A set of profiles (utilizing all of the above) An important use case that SAML addresses is web-browser single sign-on (SSO). Single sign-on is relatively easy to accomplish within a security domain (using cookies, for example) but extending SSO across security domains is more difficult and resulted in the proliferation of non-interoperable proprietary technologies. The SAML Web Browser SSO profile was specified and standardized to promote interoperability.J. Hughes et al. ''Profiles for the OASIS Security Assertion Markup Language ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
WS-Trust
WS-Trust is a WS-* specification and OASIS standard that provides extensions to WS-Security, specifically dealing with the issuing, renewing, and validating of security tokens, as well as with ways to establish, assess the presence of, and broker trust relationships between participants in a secure message exchange. The WS-Trust specification was authored by representatives of a number of companies, and waapproved by OASISas a standard in March 2007. Using the extensions defined in WS-Trust, applications can engage in secure communication designed to work within the Web services framework. Overview WS-Trust defines a number of new elements, concepts and artifacts in support of that goal, including: * the concept of a Security Token Service (STS) - a web service that issues security tokens as defined in the WS-Security specification. * the formats of the messages used to request security tokens and the responses to those messages. * mechanisms for key exchange WS-Trust is ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Federated Identity
A federated identity in information technology is the means of linking a person's electronic identity and attributes, stored across multiple distinct identity management systems. Federated identity is related to single sign-on (SSO), in which a user's single authentication ticket, or token, is trusted across multiple IT systems or even organizations. SSO is a subset of federated identity management, as it relates only to authentication and is understood on the level of technical interoperability and it would not be possible without some sort of federation. Retrieved 2017-07-03. Management In information technology (IT), federated identity management (FIdM) amounts to having a common set of policies, practices and protocols in place to manage the identity and trust into IT users and devices across organizations. Single sign-on (SSO) systems allow a single user authentication process across multiple IT systems or even organizations. SSO is a subset of federated identity manageme ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
