Trend Report: The impact of claims-based approaches

Report Details

The term of “claims-based identity” and the idea overall of using the term “claim” in Identity and Access Management (IAM) has been introduced by Microsoft some two years ago but the concepts can be used in any environments and technologies can (and sometimes are) provided by other vendors as well.

A claim is a piece of information about a user provided by an identity provider which can be challenged by the relying party which receives that claim. Claims can represent pretty much anything about a user. The name, the age, the role within in a corporation, the purchase limit of that user in a specific business context or whatever else. There are as many options as use cases. Based on that concept, identities and identity-related information (including important elements of business policies) can be separated from application code.

Given that, the concept of claims is a core element of any approach towards an application security infrastructure (ASI) and, in general, the externalization of identity, access control and overall security from application code.

We strongly recommend to add the concept of claims as a standard element to any concept in the area of application security infrastructures, IAM, GRC, and especially application architecture. Regardless of the vendor who provides the technical elements, the approach of separating identities from applications appears to be valid and to be a significant break-through for application security.
You can get access to this document for free, if you register for KuppingerCole Select access now.

Date Title Price
May 02, 2009

Trend Report: The impact of claims-based approaches

The term of “claims-based identity” and the idea overall of using the term “claim” in Identity and Access Management (IAM) has been introduced by Microsoft some two years ago but the concepts can be used in any environments and technologies can (and sometimes are)…

€125.00 Get Access

Discover KuppingerCole

KuppingerCole Select

Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.

Blog

Blog

GDPR and Customer Data - Eyes on the Stars and Feet on the Ground

Big data analytics is getting more and more powerful and affordable at the same time. Probably the most important data within any organisation is knowledge of and insight into its customer's profiles. Many specialized vendors target these organisations. And it is obvious: The identification of [...]

Latest Insights

Hot Topics

Spotlight

Learn more

Digital Finance

The emergence and prominence of bitcoin and its underlying technology Blockchain with open source, real-time payments capabilities and without centralized regulatory authority has sparked the Financial Services industry into exploring how Blockchain technology might be applied to mainstream banking and insurance sectors. Blockchain technology goes further than just a distributed ledger. Another initiative gaining acceptance is Smart Contracts that use computer protocols to facilitate, verify, or enforce the negotiation or performance of a contract or that obviate the need for a contractual [...]

Become a Client

Learn more about becoming a Client

Contact Us

Call Us

+49 211 2370770
Mo - Fr 8:00 - 17:00