Abstract
Several frameworks for identity management exist, each of them with its own distinguishing features. These frameworks are complex however, and their features not easily understood. This makes it hard for businesses to understand the intricacies, and difficult to select and deploy one. This paper develops business selection criteria and applies them to four popular identity management frameworks. The resulting score card (1) helps businesses to select and deploy an identity management system, and (2) provides valuable feedback to developers of identity management systems on the criteria that they should take into account when designing and implementing an identity management system that is useful for specific businesses.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Bhargav-Spantzel, A., Camenisch, J., Gross, T., Sommer, D.: User Centricity: A Taxonomy and Open Issues. Journal of Computer Security 15(5) (2007)
Blakley, B.: Identity and Community in Human Society. In: Catalyst Conference 2006, June 15 (2006), http://podcast.burtongroup.com/ip//2006/06/identity_and_co.html
Blakley, B.: Ceci n’est pas un Bob, December 7 (2006), http://notabob.blogspot.com/2006/07/meta-identity-system.html
Cameron, K.: The Laws of Identity, May 21 (2005), http://www.identityblog.com/stories/2005/05/13/TheLawsOfIdentity.pdf
Dhamija, R., Dusseault, L.: The Seven Flaws of Identity Management: Usability and Security Challenges. IEEE Security & Privacy 6(2), 24–29 (2008)
Information Card Foundation, http://www.informationcard.net/
Liberty Alliance Project, An Overview of the Id Governance Framework, Version: 1.0 (2007)
Daemen, T., Rubinstein, I. (eds.): The Identity Metasystem: Towards a Privacy-Compliant Solution to the Challenges of Digital Identity, Microsoft white paper (October 2006), http://identityblog.com/wp-content/resources/Identity_Metasystem_EU_Privacy.pdf
Cameron, K., Jones, M.B.: Design Rationale behind the Identity Metasystem Architecture, http://www.identityblog.com/wp-content/resources/design_rationale.pdf
Liberty Alliance Project, http://www.projectliberty.org
Landau, S., Hodges, J.: A Brief Introduction to Liberty, February 13 (2003), http://research.sun.com/liberty_intro/
Maler, E., Reed, D.: The Venn of Identity: Options and Issues in Federated Identity Management. IEEE Security & Privacy 6(2), 16–23 (2008)
OpenID specifications, http://openid.net/developers/specs/
Open Source Identity Systems, http://osis.idcommons.net/
Royer, D.: Assessing the Value of Enterprise Identity Management (EIdM) - Towards a Generic Evaluation Approach. In: Proc. 3rd Int. Conf. on Availability, Reliability and Security (ARES 2008), Barcelona, Spain, pp. 779–786 (2008)
The Shibboleth project, http://shibboleth.internet2.edu/
Siljee, J., Hoepman, J.-H.: Issues in Identity Management, Usability, Security and Privacy, TNO Whitepaper (2008) (to appear)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 IFIP International Federation for Information Processing
About this paper
Cite this paper
Hoepman, JH., Joosten, R., Siljee, J. (2009). Comparing Identity Management Frameworks in a Business Context. In: Matyáš, V., Fischer-Hübner, S., Cvrček, D., Švenda, P. (eds) The Future of Identity in the Information Society. Privacy and Identity 2008. IFIP Advances in Information and Communication Technology, vol 298. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-03315-5_14
Download citation
DOI: https://doi.org/10.1007/978-3-642-03315-5_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-03314-8
Online ISBN: 978-3-642-03315-5
eBook Packages: Computer ScienceComputer Science (R0)