Identity management standards: A literature review

Abstract

Electronic identification (eID) and Identity Management (IDM) in the context of information systems is considered of crucial importance for citizen data safety, since it can authorize the proper stakeholders to access sensitive data. The plethora of information systems’ users and devices, the need for increased data confidentiality and integrity, as well as the requirement for proper data exchange considering short-range and long-range distance data exchange protocols and networks, increases the overall necessity for proper IDM mechanisms and techniques. Nevertheless, it needs to be identified that IDM mechanisms are not only security tools that improve technical skill sets, but the leaders towards opportunities that emerge. This manuscript provides an overview of state-of-the-art IDM standards and regulations towards interoperable eID, namely SAML, WS-Federation, OAuth, OpenID, FIDO, and Mobile Connect, including their latest versions. It considers different architectural components and scenarios, covering aspects of multiple domains, with the ability to be exploited across several networking and communication systems.