Reference Model for Federated Identity Management


At the end of the month, I’ll be presenting our reference model for federated identity management at EMMSAD 2021. As soon as the paper is online at, I will link it here.

But why is this work needed?

There are more and more identities, whether for one person or for an organization. In my password manager I have umpteen accounts and associated digital identities. Devices such as IoT devices or smartphones also have digital identities. These need to be managed. There are a variety of protocols, standards and software solutions. This makes it more and more difficult to get an overview of these complex structures. However, an overview and understanding of the services provided is required to improve current identity management systems. A systematic approach is therefore required.

The reference architecture has to meet several requirements: a reusable architecture with general and universal terminology, a systematic overview and detailed perspectives on individual aspects, adaptability to different protocols and use cases, and a representation of the interfaces of different entities. We implemented these requirements with ArchiMate and evaluated them based on a scenario. We were also able to use the reference model to model Kerberos, which does not fall under federated identity management.