How much Federation do we Need? Manageability of Diversity in Different Federated IDM-Services at KIT

  • TYPE: Business Case Study DATE: Thursday, May 12, 2011 TIME: 16:30-17:30 LOCATION: Ammersee II


In the current talk we discuss our experience with federated identity management at the Karlsruhe Institute of Technology (KIT, merger of the University of Karlsruhe and the Research Centre Karlsruhe), where a federated provisioning service has been implemented by the Steinbuch Centre for Computing (SCC) and the project Karlsruhe Integrated InformationManagement (KIM). This IDM-service is intended to overcome the heterogeneity of the highly diverse structure of organizational units (OU) of the KIT without interfering existing self-reliance of any OU. Besides the operation of such an inner-organizational federation, KIT is a member of the German federation DFN-AAI which is Germanys largest authentication and authorization infrastructure for research. This federation provides SAML-based and cross-organizational access to almost one hundred services for researchers of German universities and research institutions. Furthermore, we are also involved in current intents of providing federated single sign-on to so far locally administered services and resources for researchers of the state of Baden-Württemberg. After five years of developing and operating identity management at KIT, in particular in the aforementioned aspects (provisioning, authentication, and authorization), this talk will critically examine in which areas and under which conditions federated approaches have more advantages and are more manageable than central solutions. Furthermore, we will show our experience in development and operation of federated identity management services, our identified advantages, challenges, and restrictions of federated approaches and an insight into the current and future structure of identity management at KIT.


Sebastian Labitzke Researcher, Karlsruhe Institute of Technology (KIT) Sebastian Labitzke studied computer science at the University of Karlsruhe. He is member of the department Services, Development, and Integration at the Steinbuch Centre for Computing and part of Prof. Dr. H. Hartenstein's...

BrokerGate® is an identity provider in the Swiss insurance broker B2B market. It provides single sign-on and centralized user management across broker portals of multiple insurance companies. BrokerGate® was deployed by IG B2B for Insurers + Brokers, a registered association of insurance companies and insurance brokers active in Switzerland and in the Principality of Liechtenstein.

BrokerGate® went life in April, 2010, and currently allows 900 users to access the broker portals of 5 insurance companies after a single strong authentication. During the next years, another 15 insurers currently supporting this initiative will integrate their broker portals with BrokerGate®.

This presentation will cover both business aspects and technical aspects of BrokerGate®. It will give an overview of the project since its beginnings in 2007, and it will also address possible future developments and extensions.


Thomas Kessler is founding partner of TEMET AG ( ), a privately owned information and IT security consultancy located in Zurich, Switzerland. Ever since finishing his studies in physics at ETH Zurich in 1991, Thomas Kessler worked in information security for Swiss financial...

Peter Kleinert has been President of IG B2B ( since 2003. He initiated BrokerGate® and was its Business Project Leader. IG B2B is an enabler of electronic business in the Swiss insurance broker marketplace. Peter Kleinert has a long experience in the insurance industry. He was...

The European Commission (EC) acknowledged the importance of eID in the multilingual and multi-legal European environment. Apart from its participation to the funding of eID related research activities, EC established and supports the networking of eID practitioners through the “European eID Observatory” (EUReID) community, established in its portal. is a proactive initiative of the European Commission, free of charges and tailored to the needs of eGovernment, eInclusion and eHealth practitioners.

It is universally accepted that currently, the primary challenge for eID is not the technical feasibility of proposed solutions, but the socio-economic, political and human rights-related implications that an eID implementation has, especially when applied in a cross-border and/or cross-sectoral dimension. In order to be efficient in such a complex environment, the collaboration of all stakeholders is necessary.

The EUReID community has attracted already a significant number of eID practitioners from many countries and with many different skill sets. Hardware and IT vendors, academic researchers, solution providers, public administrations, eGovernment experts, and policy makers are all represented in EUReID, the pan-European neutral meeting place for eID.

Being an community, EUReID provides a variety of services to its members:

  • Library of relevant documents (web resources).
  • Announcements for future events.
  • News and achievements of relevant projects (national and cross-border).
  • Presentation of actual eID implementation cases.
  • Project analyses.

The EUReID members can contribute to the above resources providing information about their activities and may interact with each other through the blog feature. EUReID is supported by a team of professional facilitators and editors who guarantee the high quality of the content uploaded and maintained.

Already, in its first few months of operation, the EUReID community has analysed five projects addressing cross-border eID implementations and is currently organising a series of workshops where eID practitioners will be able to present, discuss and promote the outcome of their work mainly in the cross-border and cross-sector dimensions of eID applications.

EUReID can be used to locate potential research partners; to learn about eID implementations in all EU member states and associated countries; to identify forthcoming specialised events and policy-related activities at the national or international level.


Vassilia holds a M.Sc in diplomacy and international relations, as well as an M.A. in strategic communications and leadership. She is currently pursuing a doctorate degree pertinent to public diplomacy and conflict analysis with the Geneva School of Diplomacy.  Vassilia has represented a...

Log in to download presentations:  


Session Links


European Identity Conference 2011

Registration fee:
€1980.00 $2475.00 S$3168.00 21780.00 kr
Mastercard Visa American Express PayPal INVOICE
Contact person:

Mr. Levent Kara
+49 211 23707710
  • May 10 - 13, 2011 Munich