An Overview of Limitations and Approaches in Identity Management

TL;DR

This paper reviews the evolution of identity management, analyzes existing models and approaches, and highlights the need for a unified framework to address trust, liability, and interoperability challenges.

Contribution

It extends identity management requirements, maps existing models to these, and identifies gaps, emphasizing the necessity for a holistic framework.

Findings

Existing models face trustworthiness and liability issues.

Interoperability problems are prevalent among current approaches.

A unified identity management framework is needed.

Abstract

Identity and access management (I&AM) is the umbrella term for managing users and their permissions. It is required for users to access different services. These services can either be provided from their home organization, like a company or university, or from external service providers, e.g., cooperation partners. I&AM provides the management of identifiers with the attributes, credentials, roles, and permissions the user has. Today, the requirements have evolved from simply accessing individual web services in the internet or at a company to the majority of all IT services from different service providers with various accounts. Several identity management models have been created with different approaches within. In order to adjust to heterogeneous environments, use cases, and the evolution of identity management, this paper extends known requirements for identity management. Existing models and approaches for identity management are mapped to the derived requirements. Based on the mapping, advantages, disadvantages, and gaps are identified. Current approaches suffer, as an example, from trustworthiness and liability issues. Interoperability issues are even more inherent as the approaches partly develop apart, forming an heterogeneous environment. The results from this analysis emphasize the need for one holistic identity management framework.