NIH Federated Identity - Authentication / Authorization Brick

Home > Architecture Library > Technology Architecture > NIH Federated Identity - Authentication / Authorization Brick

Description

The goal of NIH’s Federated Identity service is to give a person the ability to use the same user name, password, or other personal identification to access multiple applications or data sources securely and seamlessly by relying on the identity provider’s authentication process rather than NIH’s. Federated Identity service is enabled through the use of open industry standards and/or openly published specifications.

Please view the NIH Federated Identity - Authentication/Authorization Brick below:

Tactical

(0-2 years)

Active Directory Federated Services 1.0
CA Etrust Site Minder Resource (SAML, chains/tokens, STS)
HHS Public Key Infrastructure (PKI)
Information Card (infocard, CardSpace)
Shibboleth
Active Directory

Strategic

(2-5 years)

Active Directory Federation Services 2.0
CA Etrust SOA
Information Card (infocard, CardSpace)
Public Key Infrastructure (PKI)
Higgins

Retirement

(To be eliminated)

Containment

(No new development

Local database authentication

Baseline

(Today)

CA Etrust Site Minder
Secure ID/RSA
HHS PKI
Active Directory Services
Local database authentication

Emerging

(To track)

Two-factor authentication
Three-factor authentication

Comments

N/A

Time Table

This architecture definition approved on: June 25, 2008

The next review is scheduled in: TBD

Architecture Type
Technology Architecture
Technology Type
Integration Technology, Security
Artifact Type
Brick