Published by De Gruyter Oldenbourg, May 31, 2014

The evolution of identity management using the example of web-based applications

Detlef Hühnlein, Tobias Wich, Johannes Schmölz and Hans-Martin Haase

Abstract

The typical identity management (IdM) techniques used in web-based applications are about to change from application-specific means for identification, authentication and authorization towards the support of standardized, secure and privacy-friendly mechanisms for Single Sign-On (SSO). In this paper we outline the different phases of this evolution. It started with the introduction of standardized interfaces for authentication and authorization, which made it possible to shift these sensitive tasks from the application to the web application server. In a second phase the interfaces were extended to support authentication and authorization in distributed systems and to feature SSO techniques. The third phase adds identification and aims at providing more security for distributed authentication infrastructures. Finally, there is a trend towards providing more privacy-friendly mechanisms for identity management in the future.

About the authors

Detlef Hühnlein

Detlef Hühnlein is CEO of ecsec GmbH (www.ecsec.de), has more than fifteen years of professional experience in the area of IT security, received a doctoral degree in cryptography from TU Darmstadt and was a lecturer at TU Vienna, TU Darmstadt and several universities of applied science for subjects such as cryptography, electronic payment mechanisms, electronic signature technology, signature law, web security and, last but not least, identity management. He has co-authored more than 60 refereed publications, has been involved in several initiatives related to electronic signatures and identity management, and is active in different standardization committees within DIN, CEN, ISO and OASIS.

ecsec GmbH, Sudetenstraße 16, 96247 Michelau, Deutschland

Tobias Wich

Tobias Wich has several years of experience in the area of functional programming, language design and the development of innovative IT solutions. He studied computer science and holds a master's degree (M. Eng.) in information technology from Coburg University of Applied Sciences. He works as a consultant and software engineer at ecsec GmbH (www.ecsec.de) with a special focus on smart cards, service-oriented architectures, identity management and web application security.

ecsec GmbH, Sudetenstraße 16, 96247 Michelau, Deutschland

Johannes Schmölz

Johannes Schmölz has several years of experience in the area of smart cards and identity management. He studied computer science and holds a master's degree (M. Eng.) in information technology from Coburg University of Applied Sciences. He gives lectures at Coburg University of Applied Sciences and works as a consultant and software engineer at ecsec GmbH (www.ecsec.de) with a special focus on smart cards, electronic signatures and identity management.

ecsec GmbH, Sudetenstraße 16, 96247 Michelau, Deutschland

Hans-Martin Haase

Hans-Martin Haase studied bioinformatics at the University of Jena and holds a bachelor's degree (B. Sc.). After his studies he joined ecsec GmbH (www.ecsec.de), where he works as a consultant and software developer in the area of identity management and smart cards.

ecsec GmbH, Sudetenstraße 16, 96247 Michelau, Deutschland

Received: 2013-10-7
Accepted: 2014-4-4
Published Online: 2014-5-31
Published in Print: 2014-6-28

©2014 Walter de Gruyter Berlin/Boston

Downloaded on 28.4.2024 from https://www.degruyter.com/document/doi/10.1515/itit-2013-1036/html