A modeling approach to federated identity and access management

As the Web is increasingly used as a platform for heterogeneous applications, we are faced with new requirements for authentication, authorization and identity management. Modern architectures have to control access not only to single, isolated systems, but to whole business-spanning federations of applications and services. This task is complicated by the diversity of today's specifications concerning, e.g., privacy, system integrity and distribution on the Web. As an approach to such problems, we introduce in this paper a solution catalogue of reusable building blocks for Identity and Access Management (IAM). The concepts of these blocks have been realized in a configurable system that supports IAM solutions for Web-based applications.