Federated Identity Management: AD FS for single sign-on and federated identity management
Mid Sweden University, Faculty of Science, Technology and Media, Department of Information Technology and Media.
2012 (English). Independent thesis, Advanced level (professional degree), 20 credits / 30 HE credits. Student thesis
Abstract [en]

Organizations are continuously expanding their use of computer services. As the number of applications in an organization grows, so does the load on the user management. Registering and unregistering users both from within the organization and also from partner organizations, as well as managing their privileges and providing support, all accumulate significant costs for the user management. FIdM is a solution that can centralize user management, allow partner organizations to federate, ease users’ password management, provide SSO functionality and externalize the authentication logic from application development. An FIdM system with two organizations, AD FS and two applications has been deployed. The applications are constructed in .NET, with WIF, and in Java using a custom implementation of WS-Federation. In order to evaluate the system, a functional test and a security analysis have been performed. The result of the functional test shows that the system has been implemented successfully. With the use of AD FS, users from both organizations are able to authenticate within their own organization and are then able to access the applications in the organizations without any repeated authentication. The result of the security analysis shows that the overall security in the system is good. The use of AD FS does not allow anyone to bypass authentication. However, the standard integration of WIF in the .NET application makes it more susceptible to a DoS attack. It has been indicated that FIdM can have positive effects on an organization’s user management, a user’s password management and login procedures, and authentication logic in application development, while still maintaining a good level of security.

Place, publisher, year, edition, pages
2012. 63 p.
Keyword [en]
Federated identity management, active directory federation services, windows identity foundation, WS-Federation
National Category
Computer Engineering
URN: urn:nbn:se:miun:diva-17039
OAI: diva2:556053
Subject / course
Computer Engineering DT1
Educational program
Civilingenjör i datateknik TDTEA 300 hp
2012-08-20, L408, Sundsvall, 16:00 (English)
Available from: 2012-09-26. Created: 2012-09-24. Last updated: 2012-09-26. Bibliographically approved

Open Access in DiVA

Carl_Wikblom-Federated_Indentity_Management (1092 kB), 529 downloads
File information
File name: FULLTEXT01.pdf
File size: 1092 kB
Checksum: SHA-512
Type: fulltext
Mimetype: application/pdf

Total: 529 downloads
The number of downloads is the sum of all downloads of full texts. It may include, e.g., previous versions that are no longer available.

Total: 640 hits