Digital Identity Framework

Digital identity can be discussed in the context of a set of concepts that provide a framework for addressing the important issues involved in developing an organizational identity management strategy.

The following sections provide reference to information about each area in the framework. At first, these are mostly reference to standards documents and articles about standards in each area. I hope to add other references about the general problem areas as well in the future.

Understanding Digital Identity

• Digital Identity Perspectives

Identity Management Architectures

• Introduction to Identity Management Architecture

Fundamentals

Integrity and non-repudiation

• XML Signature Working Group
• An Introduction to XML Digital Signatures, Ed Simon, Paul Madsen, Carlisle Adams, O'Reilly xml.com, August 8, 2001.
• An Introduction to XML Encryption and XML Signature, Murdoch Mactaggart, IBM Developer Works, September 1, 2001.
• Understanding XML Digital Signature, Rich Salz, Microsoft Developer Network, July, 2003.

Confidentiality

• XML Encryption Working Group
• Exploring XML Encryption, Part 1, Bilal Siddiqui, IBM Developer Works, March 1, 2002.
• Exploring XML Encryption, Part 2 , Bilal Siddiqui , IBM Developer Works, August, 2002.

Managing Trust

• XML Key Management Specification
• Trust Management on the WWW, Rohit Khare and Adam Rifkin, First Monday, Volume 3, No. 6, June 1998.
• Privacy and Trust Series by Patrick Logan

Authentication and authorization

• OASIS Security Services TC
• Single Sign-On Simplicity with SAML, Jon Byous
• Identity, Security, and XML Web Services, Jorgen Thelin, OReilly Emerging Technology Conference Talk. February 2003.
• Security Assertion Mark-up Language, Marc Chanliau, SIMC General Meeting, February 2002.
• Understanding Kerberos
• RFID Enabled Credit Cards

Identity provisioning

• OASIS Provisioning Services TC
• SPML and Its Importance, Gavenraj Sodhi, Interoperability Summit, Orlando FL, June 2002.
• OpenSPML, An open source software toolkit for SPML

Authorization policy representation and management

• OASIS Extensible Access Control Mark-up Language Technical Committee
• XACML: A New Standard Protects Content in Enterprise Data Exchange, Sun Developer Web Site
• Suns XACML Reference Implementation

Federation

• Primer: Federated Identity Management by David Carr (Baseline Magazine)

DIDM ROI article

Last Modified: Saturday, 01-Jan-2005 02:45:52 UTC