Federation
Federation services allow identity information to be shared across organizations and IT systems, normally for authentication purposes. The most common uses for federation services are joint ventures and cloud authentication, where third-party authentication is required. When two entities seek to do business on a joint project, rather than merge their entire IT infrastructures, they use federation services to authenticate the other third-party users for the purposes of the joint project.
For example, consider the following joint venture between Companies A and B. Each entity hosts distinct users in its own directory service, as shown in Figure 19.6:
Figure 19.6: Directory services listing for a joint venture
In a joint venture where each company maintains its own domain, a company can only authenticate users within its domain. For instance, Mr. Orange from Company B cannot be authenticated by Company A’s security administrator. The...