Mary Ruddy

A member of the Gartner Blog Network

Mary Ruddy
Research Director
1 year at Gartner
26 years IT Industry

Mary Ruddy is a Research Director on the GTP Identity and Privacy Strategies team. Read Full Bio

Coverage Areas:

What Does Federated Identity Mean in a World of Modern Identity and Access Management?

by Mary Ruddy  |  February 15, 2013  |  2 Comments

The forces of cloud, mobile devices, social media and electronic data (context) continue to drive new waves of change in the Identity and Access Management (IAM) space. (Gartner calls these forces the Nexus of Forces.) Originally the phrase “federated identity” meant that that partners could use their own logins to access enterprise resources, or an employee could access multiple systems from different without having to login multiple times using different credentials (Single Sign-On.)  Specific technologies and standards were developed to support these use cases. Now new challenges and opportunities are driving new types of IAM. For example, some companies are allowing customers to login using social media credentials (Facebook, Gmail, etc.)  This is also leveraging “electronic identity credentials and attributes across system domains to support real-time sessions or transactions”, but it uses very different technologies.  Does this mean that federation is becoming more important (based on the general functional definition of federation?) Or does this mean that federation is becoming less important because a smaller percentage of transactions use traditional federation tools in a traditional way? Normally one resolves such questions by using the definition preferred by the buyer or end user, but end users tend to talk about reusing logins , and buyers of IAM software typically refer to SSO.  In general, neither group talks about identity federation.  I’ve been tasked to think about the future of federated identity and I’ve been thrashing back and forth about whether “federation” is becoming more prevalent or going away. One thing is certain, the boundaries on the old narrow definition of federation are blurring and increasingly the word federation doesn’t bring clarity to the discussion.

2 Comments »

Category: Uncategorized     Tags:

2 responses so far ↓

  • 1 Shirish Patwardhan   February 18, 2013 at 10:59 am

    Identity Federation is an oxymoron.
    Identity drives towards uniqueness and federation is the opposite giving a sense of distributed, separated, mutated information.
    I feel they will always struggle to get any stable implementation or even clarity to the discussions.

  • 2 Identity and Access Management enhances IT Security | IBM Software India   February 20, 2013 at 11:09 am

    [...] What Does Federated Identity Mean in a World of Modern Identity and Access Management? [...]