This paper addresses the topic of federated identity management. It discusses in detail the following topics: what is digital identity, what is identity management, what is federated identity management, Kim Cameron’s 7 Laws of Identity, how can we protect the user’s privacy in a federated environment, levels of assurance, some past and present federated identity management systems, and some current research in FIM.


Keywords: Identity Management, Shibboleth, CardSpace, Federations





Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • David W. Chadwick, Computing Laboratory, University of Kent, Canterbury, UK
