Trend Report: The impact of claims-based approaches

Report Details

The term of “claims-based identity” and the idea overall of using the term “claim” in Identity and Access Management (IAM) has been introduced by Microsoft some two years ago but the concepts can be used in any environments and technologies can (and sometimes are) provided by other vendors as well.

A claim is a piece of information about a user provided by an identity provider which can be challenged by the relying party which receives that claim. Claims can represent pretty much anything about a user. The name, the age, the role within in a corporation, the purchase limit of that user in a specific business context or whatever else. There are as many options as use cases. Based on that concept, identities and identity-related information (including important elements of business policies) can be separated from application code.

Given that, the concept of claims is a core element of any approach towards an application security infrastructure (ASI) and, in general, the externalization of identity, access control and overall security from application code.

We strongly recommend to add the concept of claims as a standard element to any concept in the area of application security infrastructures, IAM, GRC, and especially application architecture. Regardless of the vendor who provides the technical elements, the approach of separating identities from applications appears to be valid and to be a significant break-through for application security.
You can get access to this document for free, if you register for KuppingerCole Select access now.

Date Title Price
May 02, 2009

Trend Report: The impact of claims-based approaches

The term of “claims-based identity” and the idea overall of using the term “claim” in Identity and Access Management (IAM) has been introduced by Microsoft some two years ago but the concepts can be used in any environments and technologies can (and sometimes are)…

€125.00 Get Access
Mastercard Visa PayPal Invoice

Discover KuppingerCole

KuppingerCole Select

Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.

Blog

Blog

For Oracle, the Future Is Autonomous

Recently, I have attended the Oracle OpenWorld in San Francisco. For five days, the company has spared no expenses to inform, educate and (last but not least) entertain its customers and partners as well as developers, journalists, industry analysts and other visitors – in total, a crowd of [...]

Latest Insights

Hot Topics

Spotlight

Privacy & the European Data Protection Regulation Learn more

Privacy & the European Data Protection Regulation

The EU GDPR (General Data Protection Regulation), becoming effective May 25 th , 2018, will have a global impact not only on data privacy, but on the interaction between businesses and their customers and consumers. Organizations must not restrict their GDPR initiatives to technical changes in consent management or PII protection, but need to review how they onboard customers and consumers and how to convince these of giving consent, but also review the amount and purposes of PII they collect. The impact of GDPR on businesses will be far bigger than most currently expect. [...]

Become a Client

Learn more about becoming a Client

Contact Us

Call Us

+49 211 2370770
Mo - Fr 8:00 - 17:00