Building Blocks for Identity Federations

Technologies like XML and Web Services have posed new requirements to authentication, authorization and identity management for the Web as an application platform. Beyond merely providing access control for a single isolated system, modern, flexible architectures support a business-spanning fed-eration of applications and services by sharing digital identities. The diversity of today's specifications and the many aspects to be considered, like e.g. pri-vacy, system integrity and distribution in the Web, makes the construction of these architectures a very time-consuming task. Thus, a uniform view on the overall system is needed that abstracts from technological issues. This can be achieved by extracting the core concepts from the emerging Federation tech-nologies and specifications and formalize them to an extent that they can be used as a foundation for configurable applications and services. In this paper, we introduce a solution catalogue of reusable building blocks for Identity and Access Management (IAM). We also present a configurable system that sup-ports IAM solutions in Web-service-based applications.