Trend Report: The impact of claims-based approaches

Report Details

The term of “claims-based identity” and the idea overall of using the term “claim” in Identity and Access Management (IAM) has been introduced by Microsoft some two years ago but the concepts can be used in any environments and technologies can (and sometimes are) provided by other vendors as well.

A claim is a piece of information about a user provided by an identity provider which can be challenged by the relying party which receives that claim. Claims can represent pretty much anything about a user. The name, the age, the role within in a corporation, the purchase limit of that user in a specific business context or whatever else. There are as many options as use cases. Based on that concept, identities and identity-related information (including important elements of business policies) can be separated from application code.

Given that, the concept of claims is a core element of any approach towards an application security infrastructure (ASI) and, in general, the externalization of identity, access control and overall security from application code.

We strongly recommend to add the concept of claims as a standard element to any concept in the area of application security infrastructures, IAM, GRC, and especially application architecture. Regardless of the vendor who provides the technical elements, the approach of separating identities from applications appears to be valid and to be a significant break-through for application security.
You can get access to this document for free, if you register for KuppingerCole Select access now.

Date Title Price
May 02, 2009

Trend Report: The impact of claims-based approaches

The term of “claims-based identity” and the idea overall of using the term “claim” in Identity and Access Management (IAM) has been introduced by Microsoft some two years ago but the concepts can be used in any environments and technologies can (and sometimes are)…

€125.00
excl. VAT
Get Access
Mastercard Visa American Express PayPal INVOICE

Discover KuppingerCole

KuppingerCole Select

Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.

Blog

Blog

AWS re:Invent Impressions

This year’s flagship conference for AWS – the re:Invent 2018 in Las Vegas – has just officially wrapped. Continuing the tradition, it has been bigger than ever – with more than 50 thousand attendees, over 2000 sessions, workshops, hackathons, certification courses, a huge expo area, and, of course, tons of entertainment programs. Kudos to the organizers for pulling off an event of this scale – I can only imagine the amount of effort that went into it. I have to [...]

Latest Insights

Hot Topics

Spotlight

Modern Cybersecurity Trends & Technologies Learn more

Modern Cybersecurity Trends & Technologies

Companies continue spending millions of dollars on their cybersecurity. With an increasing complexity and variety of cyber-attacks, it is important for CISOs to set correct defense priorities and be aware of state-of-the-art cybersecurity mechanisms. [...]

Become a Client

Learn more about becoming a Client

Contact Us

Call Us

+49 211 2370770
Mo - Fr 8:00 - 17:00