A Federated Identity Service

Beyond the Firewall: Securing Increasingly Complex Infrastructures

Your business demands secure access to its essential resources—and your users expect excellent service, without having to wait to log on or remember too many usernames and passwords. But that’s becoming increasingly difficult to deliver, as your identity infrastructure gets more fragmented and complex. These days, you have to secure a new world of applications, many of which no longer reside safely behind your firewall. All these applications rely on an alphabet soup of protocols, from SAML to XACML and beyond, and a variety of security methods, including forms, certificates, passwords, and tokens.

The users who need access to these resources are not all behind the firewall, either. Your portal is growing to service new and vital audiences, such as customers, prospects, and partners. Your employees are relying more and more on cloud-based applications that make their own demands on your security infrastructure. And all your users are bringing their own devices to the party and want to log in from wherever they are and access everything. But that’s tough to deliver, because all those identities are scattered across disparate identity silos, from LDAP and proprietary directories to databases and web services.

The end result is a system that is:

  • Difficult to secure and audit
  • Difficult to use: Logging on is often the first experience a user has with your organization, but a dealing with multiple logons, each with different credentials, can make the best site seem like a burden to use.
  • Expensive to maintain and very difficult to evolve

The N-Squared Problem: The Equation for Identity Chaos

For today’s companies, many diverse applications (A) must talk to many disparate identity sources (I) using different security protocols (S), with every factor representing some number (N) of links—and every link costing lots of money ($$$) to develop, manage, and maintain:

A x I x S = N links (x $$$)

This leaves you with a brittle network of links, protocols, and identity representations. And any changes put incredible—and incredibly expensive—demands on this critical infrastructure, whether you’re revamping your customer or employee portal, adding a critical cloud-based application, or acquiring a partner.

Identity Sources

The Solution for A Rational Identity Infrastructure

You need a way around all this complexity, so you can deliver smarter authentication and richer authorization—and that’s what our federated identity service is all about. Basically, what SAML and XACML did for the external world—federation at the level of security—is what we do for your internal infrastructure, by federating all your diverse identity stores. So you can streamline your identity silos into a logical, comprehensive and manageable system—and securely expose your identity to the internet and the cloud.