bwIDM : Federated Identity Management for the state of Baden-Württemberg (Germany)

Federated identity and access management (F-IAM) has many advantages in terms of, for instance, usability and the quality of identity information that is used to decide whether to grant or deny access to IT services. In contrast, the non-federated operation of IT services has often tremendous disadvantages for users and providers. However, a convenient integration of non-web-based services into an F-IAM infrastructure is not possible so far. To tackle this problem, we report on the project bwIDM that aims to provide federated single sign-on to, so far, locally administered, non-web-based services used by researchers of the state of Baden-Württemberg in Germany. In particular, we present FACIUS, a SAML-based architecture that enables cross-organizational access to high performance, grid, and cloud computing resources as well as to large scale data facilities.