Home » Identity & Access » Federated IDM

In Brief

Federated Identity Management: Flying Duo

Boeing and Southwest's partnership teams federated identity management with Web-based application access

» add a comment

By Deborah Radcliff

November 01, 2004 — CSO — In 2002, Boeing rolled out an extranet application before or we needed to add or delete accounts," says Michael Frederick, manager of technology security for Southwest Airlines.

Southwest, with more than 6,000 mechanics, wanted to administer its own user accounts in MyBoeingFleet. "It is easier for SWA employees to remember a single credential, and it is more cost effective for Boeing to not have to provide help desk support for users who are not Boeing employees," says Frederick. So the two companies established a federated system, whereby authorized Southwest users can access appropriate Boeing resources with the same log-in. The two companies found that the process side of federated identity management can be more complex than the technical side. "Federated comes into play when you've got a contractual trust relationship that's set up between the two organizations ahead of time," explains Frederick. "We had lawyers negotiate the contractswhat we were going to allow each other to do in the systems, what we were allowed to see and who's liable for what if something goes wrong."

All of this is good in certain applications such as portals and extranets, says Phebe Waterfield, security analyst with The Yankee Group. But it won't do much to relieve the lion's share of the identity management burden. "Only 10 percent of corporate applications are Web-based. The other 90 percent are legacy," she says. "So the real identity management problem is still inside the enterprise."

Other stories by Deborah Radcliff

RESOURCE CENTER

VIRTUAL CONFERENCE

Data Center Directions Virtual Conference

Attend this free, 100% online event exploring tools and techniques for making your data center deliver for today and tomorrow.

» Learn more and register here

WHITE PAPER

Discover whether hosting is your smartest choice for enterprise messaging.

To host or not to host? Thats the question for many CIOs as the volume and complexity of enterprise messaging continues to skyrocket.

» Read the Paper

White Papers

5 Strategies for Reducing the High Cost of Online Consumer Authentication

A Guide to Providing Proactive Protection to Consumer Online Transactions

Enterprise Management Associates: Taking the Botnet Threat Seriously

Understanding Data Location is Imperative for Data Loss Prevention

Getting in Compliance With Government Data Regulations By Leveraging Online Security Technology

Stop mobility from jeopardizing PCI compliance with these best practices.

Embrace NAC for protecting today's greatest blind spot: the mobile endpoint.

Learn best practices for maximizing your mobile workforce infrastructure.

Guide: 5 Steps to Secure Outsourced Application Development

Fact or Fiction Security Survival Guide: Clearing up Misconceptions, Myths and Mistruths about Security

Moving Past Enterprise Single Sign-On (SSO): Securing Internet SSO

More White Papers »

Featured Sponsors

Sponsored Links

BigFix - Be the IT Superhero!

Any company can promise identity protection. Only Debix can prove it

Understanding Data Location is Imperative for Data Loss Prevention

5 Steps to Secure Outsourced Application Development

Webcast: Solutions to the Toughest IT Challenges in Remote Offices

Secure your virtual and physical environments with the same software

Clear up Misconceptions, Myths and Mistruths about Security

Get in Compliance With Government Data Regulations

Taking the Botnet Threat Seriously

Webcast: Best Practices for Application Security in the Financial Sector