EA-STD-014 Identity Protocols

Architectural Classification

Technology \ Security

Standard Specification

A Federated Identity service is designed to let a person use the same user name, password or other personal identification to access multiple applications or data sources securely and seamlessly by relying on the identity provider's authentication process. The Federated Identity service is enabled through the use of open industry standards and/or openly published specifications.

Baseline (Today)
  • Cookies
  • Kerberos
  • Lightweight Directory Access Protocol (LDAP)
  • Security Assertion Markup Language (SAML) 1
  • Security Assertion Markup Language (SAML) 2.0
  • SOAP
  • WS* Token

Emerging (To track)
  • Authentication using Social Media credentials
  • Cookie replacement
  • OpenID
  • SAML future developments

Tactical (0-3 years)
  • Cookies
  • Kerberos
  • Lightweight Directory Access Protocol (LDAP)
  • Secure Lightweight Directory Access Protocol (LDAPS)
  • Security Assertion Markup Language (SAML) 2.0
  • SOAP
  • WS* Token

Strategic (3-6 years)
  • Kerberos
  • Lightweight Directory Access Protocol (LDAPS)
  • Security Assertion Markup Language (SAML) 2.0
  • SOAP
  • WS* Token

Retirement (to be removed)
  • Security Assertion Markup Language (SAML) 1

Containment (No new development)
  • Cookies

 

Author: Paul Ferrier
Date: 24/10/2014
Version: 1.0
Document Security Level: PUBLIC
Document Approvals:
  • Technical Architecture Group: 02/06/2014
  • Enterprise Architecture Practice: June 2014
  • Enterprise Architecture Board: 23/07/2014
  • IT Director: 23/10/2014

Review Date: October 2015

 

Identity Protocol Roadmap

Identity Protocols