posted on 2022-03-28, 12:39authored byNishen Naidoo
The growth of online activity has brought with it several challenges in the arenas of privacy, security and identity management. Federated Identity Architectures aim to mitigate the risks, costs and complexities within each of these arenas. Domain specific requirements have evolved two frameworks to address these issues for their respective domains. Liberty Alliance is a project and a Federated Identity Framework that specifically targets requirements within the commercial sector, while Shibboleth was founded with the intent of providing resource sharing for higher education. -- Users, who are often members of both domains, are still left with multiple identities to manage across these federations, some of which exist only due to their technology limitations. These identities are exposed to multiple identity providers, limiting their privacy. -- This project investigates these two architectures, identifying their profiles, protocols and bindings and establishes what would be required for their core components, the Service Provider and the Identity Provider, to communicate across different frameworks. -- We show how having these frameworks based upon the same parent specification provides common communication patterns that can be leveraged to provide desired functionality through the addition of message translation at strategic locations within the architectures.