Federated Identity Management
market-segment
Value Proposition
Enables the separation of roles between the identity provider who manages the digital identities and the service provider who provides the IT service. This setup allows identities managed in one information security domain to be recognized in another, thus allowing entities to collaborate between organizations and work across IT systems.
Efficiency gains through streamlined identity lifecycle management - Allows collaboration between organizations by allowing the entities whose identities are managed by one organization to use IT services provided by another, thus streamlining the management of their identities throughout their lifecycle.
Efficiency gains and enhanced user experience through single sign-on - In a federated system, identities are recognized across a wider range of IT systems which reduces the authentication burden.
Enhanced privacy - The information related to persons whose identities are onboarded via federation may be reduced.
Enhanced security - The management of the lifecycle of identities in another organization is difficult to manage, leading to orphan accounts and other similar issues.
Challenges
Liabilities - Stemming from service unavailability or security incidents.
Two-sided market yielding dominant platforms - “Two–sided markets exhibit cross–side network effects: the value of the platform to one type of user depends on the number of users of the other type. This effect tends to yield very dominant platforms“ (Landau and Moore, 2012, p. 2).
Assuring trust - Through identity proofing and authentication.
Data privacy and data sharing - FIM actors collect valuable data related to their entities (e.g. IdP collects identity attributes and SP collects transactional data). Who collects, safeguards, and shares what data with whom constitute both a data privacy legal liability and an economic tussle (Landau and Moore, 2012).
Label
To link vendors, products, or other wiki pages to this market segment, use any of the following labels:
federated-identity-management
, fim