Federated Identity


Federated Identity is the means of Identity Correlation a Digital Identity and Identity Attributes stored across multiple distinct identity systems to form a Digital Subject.[1]

Federated Identity is typically performed through an Identity Correlation and or Identity Broker for a Federation.

A Federated Identity creates a Digital Subject which is the combination of all of an entity's Digital Identitys within the Digital Context and may include Identity Attributes from one of more Security Domains.

Federated Identity allows, assuming there are no agreements to the contrary, the Identity Provider (IDP) to perform as a Identity Broker using the attributes of the Federated Identity.

Federated Identity are created from a Federation of one or more Identity Provider (IDP) by some form of agreement or by an agreement of the Entity using Social Login.

Federated Identity #

Federated Identity saves businesses time and resources in managing Digital Identities, and prevents End-User from having to create and manage a new UserId/password. For example, you can use your social media account login to access your fitness tracker account. In effect, the social media company is vouching that the same person is logging in each time they access the tracker website.

Identity Brokers help facilitate this process by managing the integration between organizations and Credential Service Provider. Organizations connect once to the Identity Broker and accept many types of credentials, rather than managing each integration separately. However, this process presents Privacy Considerations for users as these connections can create the opportunity for an exposure of Private data, or for the Identity Broker or Credential Service Provider to track a user’s online activity.

Federated Identity Examples:#

There are many commercial options available; however, most of these options use one or more of the options discussed.

Privacy Considerations#

Privacy-Enhanced Identity Brokers describes the technical challenges unique to integrating Privacy Enhancing Technologies (PETs) within Identity Federation Frameworks.

More Information#

There might be more information for this subject on one of the following: