Chapter 12. Securing the IdentityDesign Strategies and Best Practices

Topics in This Chapter

• Identity Management Security Patterns

• Best Practices and Pitfalls

In Chapter 7, "Identity Management Standards and Technologies," we introduced the identity management and the relevant security standards, such as SAML, Liberty, and XACML. SAML is an XML protocol for representing authentication and authorization assertions and is used for single sign-on and global logout. Liberty reuses the security assertion framework from SAML and extends it with different identity profiles and framework. XACML provides a versatile policy management framework for administering access control rules and managing security policies. These security standards are important because they allow different security vendor products to interoperate with each other. Architects and developers are now able to work with different security infrastructures without rewriting most of the security components.

In a heterogeneous application infrastructure environment, each application system may have different user authentication mechanisms and customized authorization schemes. Enabling unified access with single sign-on and exit with global logout is a complex process. To handle this, architects and developers may need to build custom mechanisms or ensure that the current sign-on mechanisms support open standards such as SAML and Liberty. In either case, there is much similar processing logic and code in the Identity tier that can be refactored for reuse. You may also want to extract some commonly used security processing into helper classes instead of embedding the security processing logic into each of the authentication and authorization functions. If different versions of security packages are used simultaneously (for example, due to support for legacy systems), it would be useful to build an abstraction layer (using façade or delegate patterns) so that the identity management functionality can support multiple versions with backward compatibility. In these scenarios, adopting security patterns would be useful in addressing these requirements in the Identity tier.

In identity management, security patterns can provide a common design framework, unified SSO, and global-logout mechanisms for use with heterogeneous applications. They can also reduce significant design and development effort, because they simplify complexity while they capture many security best practices. Using abstraction, these security patterns can shield off custom-built or specific-vendor APIs, and this can reduce the impact of vendor lock-in if customers want to switch to another vendor product. Additionally, because security standards are still evolving, the abstraction layer in the security pattern can help mitigate the risk of migrating to new security standards.

There are many security vendor products and open source toolkits available in the market today that support SAML, Liberty, and XACML. Some security vendor products provide administrator-friendly agents or adapters so that you do not need to customize their applications by adding SAML protocols or Liberty identity profiles to their software program code. This is particularly useful for those who have a large amount of packaged applications purchased from vendors. Nevertheless, there are many of them who have home-grown applications that need to work with standards-based identity management architecture. This mandates a reusable identity management framework and security patterns to resolve the recurring problems and complexities.