***Editor's Note: If you like this topic, make sure you sign-up for the ebizQ webinar, Threatscape 2008, that'll dig into depth what threats to expect in 2008 and how to effectively combat them.

On the business side, collaborating with partner companies to provide customers and employees with products and services is a top priority that promises to increase revenue, customer loyalty, and competitive advantage. But for IT, the growth in these multi-party relationships and delivery as Web services poses vexing issues on how to manage user identities.

How can partnering organizations verify the digital identities of thousands or even millions of individuals across an extended enterprise of disparate partner domains while providing users with single sign-on (SSO)? How can IT protect access to applications and information and secure Web services delivery? How can multiple IT systems authenticate and authorize the identity of, for instance, a wireless phone customer or a stock trader?

The answer is identity federation -- the technologies and standards that allow partnering organizations to securely share digital identities across multiple domains. Identity federation provides an auditable framework by which an organization accepts that external users have been authenticated by a trusted partner, and enables SSO across partner sites.

While many companies are beginning to use Web services security to secure federated transactions, others continue to rely on point-to-point solutions that can be overly complex and fall short of the higher levels of identity-based security possible with federation. For instance, secure socket layer (SSL) security provides no identity capture, no auditing capabilities, no means of enforcement, nothing to prove what happened in a Web services transaction. Those capabilities are built into leading identity federation solutions.

The Journey from SSO to SOA
The concept of identity federation has been around for several years. Initially, the focus was on developing common standards that would enable partnering organizations to securely share identity data. Because every company that does business with companies beyond its confines must grapple with how to manage identity across boundaries, identity federation is increasingly a hot topic for both IT and business. Its role in this essential challenge has unfolded in three stages.