ABSTRACT
Overview
IdM Life Cycle
Traditional Identity Management
Role-Based Access Control
Attribute-Based Access Control
Single Sign-On
Industry Practices
Online Identity Management
Introduction
Goals and Requirements
How Online Identity Works
Motivation and Challenges
Trust Management
The Who, What, and How of Trust Management
Advantages and Limitations
Web Services Trust Protocol
Role of X.509 Certificates
Claim-Based Identity
Need for Claim-Based Identity
Claim-Based Architecture
SSO for Web: An Example for Claim-Based Identity
Federated Identity
Security Assertion Markup Language
Achieving Interoperability
Open ID: How Google/Facebook Integrates with Other Applications?
Implementing OIM System
Identification of Scope
Requirement Analysis