Trend Report: The impact of claims-based approaches

Report Details

The term of “claims-based identity” and the idea overall of using the term “claim” in Identity and Access Management (IAM) has been introduced by Microsoft some two years ago but the concepts can be used in any environments and technologies can (and sometimes are) provided by other vendors as well.

A claim is a piece of information about a user provided by an identity provider which can be challenged by the relying party which receives that claim. Claims can represent pretty much anything about a user. The name, the age, the role within in a corporation, the purchase limit of that user in a specific business context or whatever else. There are as many options as use cases. Based on that concept, identities and identity-related information (including important elements of business policies) can be separated from application code.

Given that, the concept of claims is a core element of any approach towards an application security infrastructure (ASI) and, in general, the externalization of identity, access control and overall security from application code.

We strongly recommend to add the concept of claims as a standard element to any concept in the area of application security infrastructures, IAM, GRC, and especially application architecture. Regardless of the vendor who provides the technical elements, the approach of separating identities from applications appears to be valid and to be a significant break-through for application security.
You can get access to this document for free, if you register for KuppingerCole Select access now.

Date Title Price
May 02, 2009

Trend Report: The impact of claims-based approaches

The term of “claims-based identity” and the idea overall of using the term “claim” in Identity and Access Management (IAM) has been introduced by Microsoft some two years ago but the concepts can be used in any environments and technologies can (and sometimes are)…

€125.00 Get Access

Discover KuppingerCole

KuppingerCole Select

Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.

Blog

Blog

GDPR as opportunity to build trusted relationships with consumers

During the KuppingerCole webinar run March 16th, 2017, which has been supported by ForgeRock, several questions from attendees were left unanswered due to a huge number of questions and a lack of time to cover them all. Here are answers to questions that couldn’t be answered live during the [...]

Latest Insights

Hot Topics

Spotlight

Learn more

Security Operations Center

Today, the Security Operations Center (SOC) is at the heart of enterprise security management. It is used to monitor and analyze security alerts coming from the various systems across the enterprise and to take actions against detected threats. However, the rapidly growing number and sophistication of modern advanced cyber-attacks make running a SOC an increasingly challenging task even for the largest enterprises with their fat budgets for IT security. The overwhelming number of alerts puts a huge strain even on the best security experts, leaving just minutes for them to decide whether an [...]

Become a Client

Learn more about becoming a Client

Contact Us

Call Us

+49 211 2370770
Mo - Fr 8:00 - 17:00