Description
The goal of NIH’s Federated Identity service is to give a person the ability to use the same user name, password, or other personal identification to access multiple applications or data sources securely and seamlessly by relying on the identity provider’s authentication process rather than NIH’s. Federated Identity service is enabled through the use of open industry standards and/or openly published specifications.
Please view the NIH Federated Identity - Authentication/Authorization Brick below:
Brick Information
Tactical
(0-2 years)
|
Strategic
(2-5 years)
|
- Active Directory Federated Services 1.0
- CA Etrust Site Minder Resource (SAML, chains/tokens, STS)
- HHS Public Key Infrastructure (PKI)
- Information Card (infocard, CardSpace)
- Shibboleth
- Active Directory
|
- Active Directory Federation Services 2.0
- CA Etrust SOA
- Information Card (infocard, CardSpace)
- Public Key Infrastructure (PKI)
- Higgins
|
Retirement
(To be eliminated)
|
Containment
(No new development)
|
|
- Local database authentication
|
Baseline
(Today)
|
Emerging
(To track)
|
- CA Etrust Site Minder
- Secure ID/RSA
- HHS PKI
- Active Directory Services
- Local database authentication
|
- Two-factor authentication
- Three-factor authentication
|
Comments
Time Table
This architecture definition approved on:
June 25, 2008
The next review is scheduled in:
TBD