Federated identity allows a user to log in once and access multiple areas that would otherwise require individual access. It simplifies person access and eliminates the need to share authentication technology. However, if the system conveying the authentication is insecure, security can be compromised for the entire system.
Federated identity is a computer feature that allows a business or other computer user to log into a system once and gain access to multiple areas that would otherwise require individual access for each. For example, a business may deal with many different suppliers, distributors, and manufacturers; with a federated identity, the company performs a login instead of a separate login for each company. This is done by passing authentication from one system to another and each system trusts the other systems. In addition to simplifying person access, organizations using federated identity do not need to share authentication technology. One disadvantage of using a federated identity is that if the system conveying the authentication is insecure, security can be compromised for the entire system.
Both companies and consumers are always dealing with multiple companies. On the business side, they will have to deal with all parts of the supply chain, while consumers are also buying products and services from different companies. Without a federated identity, the business or consumer would have to perform an authentication and login for each business so the business knows that the person is real and safe.
To ensure that the business or consumer is considered safe, they will need to log in using their federated identity. Once authenticated, the company uses standard security language to inform all affiliated companies that this person is genuine and poses no danger. From there, the business or consumer can go through all affiliate systems, without having to go through another login procedure. This saves time for the business or consumer and means fewer resources will be required for each business to perform the various authentications.
While the need for a single sign-in is a benefit, there are other benefits to using federated identity. The single login procedure can be duplicated without a federated system, but only if each company has the same directory service, which is not always the case. The federated system is standard, so it can be passed on to other companies, regardless of the directory service used.
A federated identity typically only allows secure access to members, but there can be a downside. If the company authenticating the user isn’t secure, this gives an attacker a much larger area of access. Instead of being able to infiltrate one system, the attacker will be able to access all federated systems from the single login.
Protect your devices with Threat Protection by NordVPN
