Coming of Age or Just off the Boat?: A Review of Contemporary Identity Management Systems

Raj Sharman, Ryan Kendrick, Manish Gupta
DOI: 10.4018/978-1-61350-498-7.ch006


Identity management (IdM) systems are information systems that help to manage an individual’s credentials. This occurs through the establishment, description, maintenance, and eventual destruction of an identity. There are numerous IdM systems in place today that follow a general framework, yet provide users of the system with different solutions. This chapter presents architecture and applications that help in establishing and analyzing the framework that IdM systems follow. It defines the role of IdM systems in today’s electronic age, while examining challenges that arise during implementation, management, and integration of the systems. The latter part of the chapter examines eighteen commercial off-the-shelf IdM software solutions. We provide a brief discussion of each solution to highlight differences and advantages. The discussions and presentations in the chapter can aid system managers and security professionals in understanding the current landscape of identity management solutions and technologies, and the analyses we provide can significantly facilitate their decision making and risk management.
Chapter Preview


There is a general design that is used when integrating an IdM system. The system must first have a source of information that tells it which users should and should not exist, as well as what their access permissions should be. This is usually an enterprise resource planning (ERP) system such as SAP.

Once this source of information has been established, the basic functions of the IdM server are to assign resources, remove resources, and disable resources. The IdM server creates user accounts and allocates resources based upon the information provided by the ERP system. This includes access to any of the various systems that the IdM system is intertwined with, to allow for ease of access across all systems. With IdM in place, a user may log in to an e-mail system and, as a result of the credentials being checked, may also be granted access to their Active Directory without having to do anything else (Tracy, 2008). Even with a general architecture established, there is still room for variation. Some of the IdM models currently in existence will be described below.
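The general design above can be read as a reconciliation pass: the ERP feed is the authoritative list, and the IdM server computes the create, assign, remove, and disable steps that bring target accounts in line with it. The following is an added sketch, not code from the chapter; the role policy, record fields, user names, and resource names are all assumptions constructed for illustration.

```python
"""Reconcile target-system accounts against an authoritative ERP feed."""

# Hypothetical role-to-resource policy; every name here is constructed.
ROLE_RESOURCES = {
    "engineer": {"email", "directory", "source-control"},
    "finance": {"email", "directory", "ledger"},
}

def deprovision(user, acct):
    """Disable the account first, then strip every resource it holds."""
    steps = [("disable", user, None)] if acct["enabled"] else []
    return steps + [("remove", user, r) for r in sorted(acct["resources"])]

def reconcile(erp_records, accounts):
    """Return ordered (action, user, resource) steps that make `accounts`
    match what the ERP says should exist. Only the operations the text
    names are emitted; an already-disabled account is never re-enabled."""
    actions, known = [], set()
    for rec in erp_records:
        user, acct = rec["user"], accounts.get(rec["user"])
        known.add(user)
        active = rec["status"] == "active"
        # An unknown role maps to no resources, so the pass fails closed.
        want = ROLE_RESOURCES.get(rec["role"], set()) if active else set()
        if acct is None:
            if active:
                actions.append(("create", user, None))
                actions += [("assign", user, r) for r in sorted(want)]
        elif not active:
            actions += deprovision(user, acct)
        else:
            have = acct["resources"]
            actions += [("assign", user, r) for r in sorted(want - have)]
            actions += [("remove", user, r) for r in sorted(have - want)]
    # Accounts the ERP does not list are orphans and are deprovisioned.
    for user in sorted(set(accounts) - known):
        actions += deprovision(user, accounts[user])
    return actions

# Constructed sample data: one role drift, one leaver, one joiner, one orphan.
ERP_FEED = [
    {"user": "alice", "status": "active", "role": "engineer"},
    {"user": "bob", "status": "terminated", "role": "finance"},
    {"user": "carol", "status": "active", "role": "finance"},
]
ACCOUNTS = {
    "alice": {"enabled": True, "resources": {"email", "directory", "ledger"}},
    "bob": {"enabled": True, "resources": {"email", "ledger"}},
    "dave": {"enabled": True, "resources": {"email"}},
}

if __name__ == "__main__":
    for step in reconcile(ERP_FEED, ACCOUNTS):
        print(step)
```

The orphan case (`dave`) is the one worth watching in practice: an enabled account with no matching ERP record is access that no authoritative source justifies.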
