Overview
Federated Identity is the means of Identity Correlation: linking a Digital Identity and Identity Attributes stored across multiple distinct identity systems to form a Digital Subject.
A Federated Identity creates a Digital Subject, which is the combination of all of an entity's Digital Identities within the Digital Context and may include Identity Attributes from one or more Security Domains.
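A sketch of the correlation described above, added here as an illustration and not taken from the original page. The class names, issuer URLs and attribute values are constructed, and keying each identity on its (issuer, subject) pair rather than on a shared attribute such as email is a design assumption of this example.

```python
from dataclasses import dataclass, field

@dataclass
class DigitalIdentity:
    issuer: str       # identity system (Security Domain) asserting the identity
    subject: str      # identifier that is unique only within that issuer
    attributes: dict  # Identity Attributes asserted by that issuer

@dataclass
class DigitalSubject:
    subject_id: str
    identities: dict = field(default_factory=dict)  # (issuer, subject) -> DigitalIdentity

    def attributes(self):
        # Keep attributes namespaced per source so one domain cannot overwrite another's.
        return {key: dict(i.attributes) for key, i in self.identities.items()}

class Correlator:
    """Hypothetical correlation store; all names here are assumptions of this example."""
    def __init__(self):
        self._index = {}  # (issuer, subject) -> DigitalSubject

    def resolve(self, identity):
        # An unseen identity gets its own Digital Subject; it is never merged
        # automatically because an attribute (such as email) happens to match.
        key = (identity.issuer, identity.subject)
        if key not in self._index:
            subject = DigitalSubject(f"ds-{len(self._index) + 1}")
            subject.identities[key] = identity
            self._index[key] = subject
        return self._index[key]

    def link(self, subject, identity):
        # Explicit correlation, e.g. after the user authenticated with both identities.
        key = (identity.issuer, identity.subject)
        owner = self._index.get(key)
        if owner is not None and owner is not subject:
            raise ValueError("identity already correlated with another Digital Subject")
        subject.identities[key] = identity
        self._index[key] = subject
        return subject

# Constructed sample identities from two distinct identity systems.
SOCIAL = DigitalIdentity("https://social.example", "1001", {"email": "pat@example.org"})
CORP = DigitalIdentity("https://corp.example", "1001", {"email": "pat@example.org", "dept": "ops"})
```

Matching subject values or email addresses from different issuers stay separate Digital Subjects until `link` is called, and an identity already correlated with one subject cannot be claimed by another.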
Federated Identity
Federated Identity saves businesses time and resources in managing Digital Identities, and spares End-Users from having to create and manage a new UserId/password. For example, you can use your social media account login to access your fitness tracker account. In effect, the social media company is vouching that the same person is logging in each time they access the tracker website.
Identity Brokers help facilitate this process by managing the integration between organizations and Credential Service Providers. Organizations connect once to the Identity Broker and accept many types of credentials, rather than managing each integration separately. However, this process presents Privacy Considerations for users, as these connections can create the opportunity for exposure of Private data, or for the Identity Broker or Credential Service Provider to track a user’s online activity.
Federated Identity Examples:
There are many commercial options available; however, most of these options use one or more of the options discussed.

Privacy-Enhanced Identity Brokers describes the technical challenges unique to integrating Privacy Enhancing Technologies (PETs) within Identity Federation Frameworks.
More Information
There might be more information for this subject on one of the following:
- Circle of Trust
- Credential Management API
- Digital Context
- Digital Subject
- Federated Identity Management
- Ian Glazer
- Identity Broker
- Mobile Connect
- NIST.IR 7817
- OpenID Connect
- OpenID Connect Account Porting
- Single Sign-On
- Single Sign-On Scenarios
- Social Login
- WEB Access Management