Identity authentication and authorization are integral tasks in today's digital world. As businesses become more technologically integrated and consumers use more web services, the questions of identity security and accessibility are becoming more prevalent. Federated identity links user credentials across multiple systems and services, altering both the utility and security landscape of both. In Federated Identity Primer, Derrick Rountree

  • Explains the concepts of digital identity
  • Describes the technology behind and implementation of federated identity systems
  • Helps you decide if federated identity is good for your system or web service

Key Features

• Learn about Internet authentication

• Learn about federated authentication

• Learn about ADFS 2.0


This book is aimed at IT professionals responsible for authentication in their organization as well as web application developers responsible for developing apps with authentication capabilities.

Table of Contents


What to Expect from this Book

Chapter 1. Introduction to Identity

Information in this chapter:

1.1. Introduction

1.2. What Is Identity?

1.3. The Internet Identity Problem

1.4. Summary

Chapter 2. What Is Federated Identity?

Information in this chapter:

2.1. Introduction

2.2. Authentication and Authorization

2.3. Access Control

2.4. Federated Service Model

2.5. Federated Identity

2.6. Summary

Chapter 3. Federated Identity Technologies

Information in this chapter:

3.1. Introduction

3.2. OpenID

3.3. OAuth

3.4. Security Tokens

3.5. Web Service Specifications

3.6. Windows Identity Foundation

3.7. Claims-Based Identity

3.8. Summary

Chapter 4. Deployment Options

Information in this chapter:

4.1. Introduction

4.2. Making a Choice

4.3. Active Directory Federation Services

4.4. Microsoft ACS

4.5. Summary


No. of pages:
© 2013
Print ISBN:
Electronic ISBN:

About the author

Derrick Rountree

Derrick Rountree (CISSP, CASP, MCSE) has been in the IT field for almost 20 years. He has a Bachelors of Science in Electrical Engineering. Derrick has held positions as a network administrator, IT consultant, a QA engineer, and an Enterprise Architect. He has experience in network security, operating system security, application security, and secure software development. Derrick has contributed to several other Syngress and Elsevier publications on Citrix, Microsoft, and Cisco technologies.

Affiliations and Expertise

(CISSP, CASP, MCSE) has been in the IT field for almost 20 years.