EA-STD-016 Authentication and Authorisation

Architectural Classification

Technology \ Security

Standard Specification

 

A Federated Identity service is designed to afford a person the ability to use the same user name, password or other personal identification to access multiple applications or data sources securely and seamlessly by relying on the identity provider's authentication process. The Federated Identity service is enabled through the use of open industry standards and/or openly published specifications.

 

Baseline (Today)
  • Active Directory Services
  • Active Directory Federation Services 2.0
  • Shibboleth 2.4.1
  • Threat Management Gateway (TMG)
  • Local database authentication

Emerging (To track)
  • Two factor authentication

Tactical (0-3 years)
  • Active Directory Services
  • Shibboleth
  • Active Directory Federation Services 2.0
  • Threat Management Gateway (TMG)

Strategic (3-6 years)
  • Two factor authentication
  • Shibboleth future versions
  • Active Directory future service provisions

 

Retirement (to be removed)
  • Local database authentication

Containment (No new development)

 

Author: Paul Ferrier
Date: 24/10/2014
Version: 1.0
Document Security Level: PUBLIC
Document Approvals:
  • Technical Architecture Group: June 2014
  • Enterprise Architecture Practice: July 2014
  • Enterprise Architecture Board: 23/07/2014
  • IT Director: 23/10/2014

Review Date: October 2015

Authentication and Authorisation Roadmap
