By Natasha Lomas, 14 November 2006 12:30
NEWS
Federated identity
Federated identity is all about trust.
It refers to the process of using a single ID to authenticate a user across multiple systems - be they IT systems on a network, a group of websites or even different organisations.
Security from A to Z
Click on the links below to find out more...
A is for Antivirus
B is for Botnets
C is for CMA
D is for DDoS
E is for Extradition
F is for Federated identity
G is for Google
H is for Hackers
I is for IM
J is for Jaschan (Sven)
K is for Kids
L is for Love Bug
M is for Microsoft
N is for Neologisms
O is for Orange
P is for Passwords
Q is for Questions
R is for Rootkits
S is for Spyware
T is for Two-factor authentication
U is for USB sticks/devices
V is for Virus variants
W is for Wi-fi
X is for OS X
Y is for You
Z is for Zero-day
In order for this linking up of services to be possible, a group of service providers must get together and agree to accept a single authenticating ID for a user.
The main advantage of a federated identity is convenience - since users of services that have agreed to link up in this way don't have to manage a raft of ID credentials in order to access each resource. Federated identity also facilitates a more personalised service for users, without the security risk of storing a large amount of a user's personal data in one place - a bit like a jigsaw puzzle making up a picture by the joining of each small piece.
But - as with any issue of trust - not everyone buys into the logic of federating identity in this way, as standardisation inherently introduces an element of insecurity.
Click here to read silicon.com's federated identity Cheat Sheet.
Comments
There is 1 comment. Join the discussion
1. Pedro
I have found a small program that do the excellent job. It cleans all the worms, Trojans and every other suspicious file and protect the utility from afterwards intrusions.