Today, companies have no way to trust identities belonging to their partners, suppliers, contracts and their outsourcers. This lack of trust means companies end-up creating online identities (and passwords) for all users. This approach is very costly, inefficient, and creates user frustration with multiple accounts and registrations for each Web Site. Federation is the set of business and technology agreements as well as policies that enable companies to optimally pursue business automation goals that best align with their business model, IT policies, security and privacy goals and requirements.

This book takes a close look at the trust infrastructure over which business federations are implemented. We cover important aspects of utilizing the Tivoli integrated identity management architecture in order to build and deploy the Tivoli Federated Identity Management and Web Services Security components, which consist of Tivoli Federated Identity Manager, IBM WebSphere Application Server, and the IBM Integrated Solutions Console.

This book is a valuable resource for security officers, administrators and architects who wish to understand and implement Web Services security and federated identity management.

Part 1. Architecture and design

Chapter 1. Business context for identity federation

Chapter 2. Architecting an identity federation

Chapter 3. Tivoli Federated Identity Manager architecture

Chapter 4. Deploying Tivoli Federated Identity Manager

Chapter 5. Integrating with IBM identity management offerings

Part 2. Customer environment

Chapter 6. Overview

Chapter 7. Use case 1 - SAML/JITP

Chapter 8. Use case 2 - WS-Federation

Chapter 9. Use case 3 - Liberty

Chapter 10. Use case 4 - Web services security management

Part 3. Appendixes

Appendix A. Configuring Access Manager WebSEAL and Web plug-in

Appendix B. Identity mapping rules

Appendix C. Keys and certificates

Appendix D. WS-Security deployment descriptors