EA-STD-016 Authentication and Authorisation

Architectural Classification

Technology \ Security

Standard Specification

A Federated Identity service is designed to afford a person the ability to use the same user name, password or other personally identification to access multiple applications or data sources securely and seamlessly be relying on the identity provider’s authentication process. The Federated Identity service is enabled through the use of open industry standards and/or openly published specifications.

Baseline (Today)	Emerging (To track)
Active Directory Services Active Directory Federation Services 2.0 Shibboleth 2.4.1 Threat Management Gateway (TMG) Local database authentication	Two factor authentication
Tactical (0-3 years)	Strategic (3-6 years)
Active Directory Services Shibboleth Active Directory Federation Services 2.0 Threat Management Gateway (TMG)	Two factor authentication Shibboleth future versions Active Directory future service provisions
Retirement (to be removed)	Containment (No new development)
	Local database authentication

Author:	Paul Ferrier	Date:	24/10/2014	Version:	1.0

Document Security Level:		PUBLIC
Document Approvals:		Technical Architecture Group Enterprise Architecture Practice Enterprise Architecture Board IT Director			June 2014 July 2014 23/07/2014 23/10/2014
Review Date:		October 2015

IT Strategy & Architecture

with Plymouth University

EA-STD-016 Authentication and Authorisation

Architectural Classification

Standard Specification

Authentication and Authorisation Roadmap