developerWorks

AIX and UNIX
Information Mgmt
Lotus
Rational
Tivoli
WebSphere

Architecture
Autonomic computing
Java™ technology
Linux
Multicore acceleration
Open source
SOA and Web services
	New to SOA and Web services
	Downloads & products
	Open source projects
	Standards
	Technical library
	Training
	Forums
	Events
Web development
XML

About dW
Submit content
Feedback

Related links
	ISV resources
	alphaWorks (emerging technologies)
	IBM Academic Initiative
	IBM Redbooks
	IBM Press books
	IBM communities

Local sites
	developerWorks 中国
	developerWorks Japan
	developerWorks 한국
	developerWorks Россия

developerWorks > SOA and Web services >

Federation of Identities in a Web Services World

Level: Advanced

Contributors: IBM, Microsoft

08 Jul 2003

This document describes the issues around federated identity management and describes a comprehensive solution based on the Web services specifications outlined in the WS-Security roadmap and other related Web services specifications.

The approach described in this whitepaper, which will be further defined in the WS-Federation specification, introduces an identity provider as a class of security token service. As such, it uses the mechanisms of WS-Trust and WS-Federation to create and broker trust within and across federations.Together, the specifications identified in this paper provide a comprehensive and integrated set of protocols for secure reliable transacted messages in and across federations by composing with other security and Web service specifications.

Download

Description	Name	Size	Download method
Whitepaper in PDF format	ws-fedworld.pdf	450 KB	FTP


	Information about download methods			Get Adobe® Reader®

Resources

[Kerberos] J. Kohl and C. Neuman, "The Kerberos Network Authentication Service (V5)", RFC 1510, September 1993, http://www.ietf.org/rfc/rfc1510.txt.
[WS-Security] "Web Services Security Language", IBM, Microsoft, VeriSign, April 2002. "WS-Security Addendum", IBM, Microsoft, VeriSign, August 2002. "WS-Security XML Tokens", IBM, Microsoft, VeriSign, August 2002
[WS-Policy] "Web Services Policy Framework", BEA, IBM, Microsoft, SAP, December 2002
[WS-PolicyAttachment] "Web Services Policy Attachment Language", BEA, IBM, and Microsoft, SAP, December 2002
[WS-PolicyAssertions] "Web Services Policy Assertions Language", BEA, IBM, Microsoft, SAP, December 2002
[WS-Trust] "Web Services Trust Language", IBM, Microsoft, RSA, VeriSign, December 2002
[WS-SecureConversation] "Web Services Secure Conversation Language", IBM, Microsoft, RSA, VeriSign, December 2002
[WS-Federation] "Web Services Federation Language", IBM, Microsoft, VeriSign, July 2003, "Web Services Federation Language: Passive Requestor Profile", IBM, Microsoft, VeriSign, July 2003, "Web Services Federation Language: Active Requestor Profile", IBM, Microsoft, VeriSign, July 2003

Back to top

Document options

Document options requiring JavaScript are not displayed

About IBM

Privacy

Contact