Federated Identity Management
In today’s business world, enabling integrated access to services across business domains for clients, suppliers and partners has increasingly become a critical factor for success. At Everett we believe the adoption of federated identity is the key to establishing a cost-effective, security- and privacy-aware solution for integrated services in the supply chain.

Today, most organisations have implemented – or are currently working on the deployment of – internally focused identity and access management solutions. These solutions vary from streamlining account provisioning processes up to centrally governed access control for web-based applications used by employees. Typically, each organisation holds its own identity-related data on its various business partners. This implies that each organisation has its own view of who the user is and of the type of access the user is entitled to. So, once access to services across business domains comes into play, certain identity management challenges become more apparent than ever before: the traditional identity silo prevents users from reaching an integrated service offering.

From silo to federation

Federated identity has stepped up to the plate to mitigate the identity silo approach. It introduces concepts and solutions that simplify transporting identity-related information across organisational boundaries, addressing management, security and privacy concerns as an integral part of any federated solution. Organisations looking to adopt a federated approach should be aware of the following best practices, which are key to a successful federated identity strategy:

- Ensure your internal identity management processes are streamlined so that you control the life cycle of – and access to – identity data;
- Adopt a standards-based approach to federated identity. Because federated identity by definition addresses integration across business domains, using standards becomes absolutely crucial to ensure interoperability;
- Be aware of the legal side of the federated equation. Whether bound by law or by internal policies, concerns such as privacy determine the form and shape of your federated solution.
At Everett we regard standards-based federated identity management as the principal enabler of a cost-effective, security- and privacy-aware solution for integrated services across business domains. Below is one of our customer cases that illustrates this point.

Case 'Federated IDM between Dutch bank and mail services'

A large bank in the Netherlands and a major postal services provider teamed up to add value to both of their existing service offerings. When logged in to the personal bank portal – for instance to check a debit account – any bank user may click on an invoice listed for the account to request additional details about that particular invoice. Instead of just viewing the charge for a phone invoice, the user can actually see the details of that phone bill, such as the subscription fee, numbers dialled and so on. This service is provided by the postal services company and requires an explicit trust relationship between the bank and the postal services, together with an exchange of identity-related data.
Additionally, the postal services rely on identity and billing data provided by the biller (in this case the phone company). When viewing the invoice details at the postal services site, the bank user obtains seamless single sign-on access to the biller’s personalised portal through a link in the invoice.

| | |
|---|---|
| Context: | Clients require seamless access from their bank portal to invoice details and the related billers’ sites. |
| Issue: | How to provide single sign-on between three business domains using fragmented and distributed identity data. |
| Solution: | As the (potential) number of connected billers increases over time, the adoption of a standards-based approach to federated identity was critical. A solution based on the industry standard for exchanging security and identity assertions – SAML – was deployed to ensure a low barrier for billers to join the service. The implemented solution was based on software from Sun Microsystems’ identity stack: Sun Federation Manager. This product supports not only SAML but also various other identity management standards such as Liberty and WS-Federation, providing the most extensive interoperability possible today. |
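As an added illustration of the kind of check a relying party in this chain (the postal service receiving a bank-issued SAML assertion) must perform before granting single sign-on, here is a small validator written for this page; it is not code from Everett, the bank, or Sun Federation Manager. The entity IDs, the sample assertion and the `check_assertion` function are constructed assumptions, and signature handling is reduced to a presence check because real XML-DSig verification needs a dedicated library.

```python
import xml.etree.ElementTree as ET
from datetime import datetime

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Hypothetical trust configuration of the postal service's service provider (SP):
# only the bank's identity provider is an accepted issuer, and only assertions
# addressed to the SP's own entity ID are accepted.
TRUSTED_ISSUERS = {"https://idp.bank.example"}
MY_ENTITY_ID = "https://sp.postal.example"

def _ts(value):
    # SAML timestamps are UTC xs:dateTime values; accept the 'Z' suffix on any Python 3.
    return datetime.fromisoformat(value.replace("Z", "+00:00"))

def check_assertion(xml_text, now, trusted_issuers=TRUSTED_ISSUERS, audience=MY_ENTITY_ID):
    """Return the list of policy violations; an empty list means the assertion is acceptable."""
    now = _ts(now) if isinstance(now, str) else now
    root = ET.fromstring(xml_text)
    errors = []
    if root.findtext("saml:Issuer", namespaces=NS) not in trusted_issuers:
        errors.append("untrusted issuer")
    # A real SP must verify the XML signature against the issuer's known certificate;
    # this example only checks that a Signature element is present at all.
    if root.find("ds:Signature", NS) is None:
        errors.append("unsigned assertion")
    cond = root.find("saml:Conditions", NS)
    if cond is None:
        errors.append("missing Conditions")
    else:
        nb, na = cond.get("NotBefore"), cond.get("NotOnOrAfter")
        if nb and now < _ts(nb):
            errors.append("not yet valid")
        if na and now >= _ts(na):
            errors.append("expired")
        audiences = [a.text for a in cond.findall("saml:AudienceRestriction/saml:Audience", NS)]
        if audience not in audiences:
            errors.append("audience mismatch")
    return errors

# Constructed sample assertion, as the bank's IdP might issue it for the postal SP.
SAMPLE = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
  xmlns:ds="http://www.w3.org/2000/09/xmldsig#" ID="_a1" Version="2.0">
  <saml:Issuer>https://idp.bank.example</saml:Issuer>
  <ds:Signature><ds:SignatureValue>placeholder</ds:SignatureValue></ds:Signature>
  <saml:Subject><saml:NameID>customer-4711</saml:NameID></saml:Subject>
  <saml:Conditions NotBefore="2024-05-01T10:00:00Z" NotOnOrAfter="2024-05-01T10:05:00Z">
    <saml:AudienceRestriction><saml:Audience>https://sp.postal.example</saml:Audience></saml:AudienceRestriction>
  </saml:Conditions>
</saml:Assertion>"""
```

The same checks apply one hop further down the chain, where the biller's portal validates the assertion it receives from the postal service with its own issuer and audience values.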