IBM Tivoli Federated Identity Manager

Businesses are increasingly challenged to extend critical information and data across company boundaries. Partners, customers, clients, distributors, agen­cies and suppliers require access to data sprawled across corporate human resources, customer relation­ship management (CRM), enterprise resource planning (ERP) and legacy mainframe systems.

As these integration and access needs grow, redundancies in processes often crop up—such as the proliferation of multiple logins—which can impact both productivity and user satisfaction. For example, customers who log on to the brokerage site of a full-service financial services company using one identity and password must use a different identity and password to log on to the credit card subsidiary of the very same financial services company. The company must then manage twice the infrastructure at twice the cost, while customers and employees are burdened with multiple logins.
 

To help manage the challenges of cross-enterprise information exchange, many organizations are moving beyond the traditional model of inflexible busi­ness processes to a more flexible, more accessible and reusable approach known as Web services. In contrast to a rip-and-replace approach, a service oriented architecture (SOA) is designed to make maximum use of new and existing IT assets.

Federated identity management can help you integrate and extend services across your business ecosystem while helping to minimize the risks associated with sharing identities and services. IBM Tivoli® Federated Identity Manager enables users to SSO to the sites of multiple businesses, while helping to preserve the confidentiality of their user data. Designed to minimize the impact on business applications, Tivoli Federated Identity Manager can help you reduce costs and speed deployment timeframes for integrating applications within your collaboration infrastructure.
 
Tivoli Federated Identity Manager is designed to interoperate with the wide variety of federation standards that your partners and potential partners may employ. When you use Tivoli Federated Identity Manager, you deploy a solution that enables you to:

• Support the broadest federation functionality by enabling SSO, rich security customization and Web services security through SAML 1.1.x and 2.0, Liberty ID-FF and WS-Federation standards.

• Enable support for identity management across an SOA through the use of WS-Trust for identity and attribute exchange and transformation.

• Help simplify the integration of identity and security — including trust relationships between application platforms using WS-Security and WS-Trust.

• Communicate authentication and identification information about business partners through increased support for multiple security tokens—including PassTickets, x.509 certificates and Kerberos tokens.

• Automate the provisioning of user accounts and entitlements, using WS-Provisioning.
 
SecurIT helps you choose the Federation techniques that are the best suited for your business, and implement them with TFIM.
 
For more information
 
source: www.IBM.com