Claim Based Identity for Authentication and Authorization in Web Services

Claim Based Identity for Authentication and Authorization in Web Services

ABSTRACT

Digital Identity as we know today is far behind the Real World Identity that we experience in day today activities. Claim based identity systems can provide a richer set of functionalities which can be used to narrow the gap between real world and digital world identity transactions. There are various standard languages defined for specifying security claims about digital subjects. In distributed environments like inWeb Services, there are standard ways to transfer these claims among different entities. Specification of security claims and there secure transfer among different entities creates a powerful framework which can support higher goals like authentication and authorization. This paper describes an implementation of a standard security claim specification and transfer mechanism in Web services for authentication and authorization.