Home Contact Pirean Press Resources Site Map  

IBM Tivoli

Federated Identity Manager

IBM Tivoli Federated Identity Manager provides a common way to unify identities that removes the cumbersome process of managed user sessions where the identity provider collects, manages and delivers each identity to the service provider. Providing instead a model for managing and deploying access through Single Sign On identities, Tivoli Federated Identity Manager enables a single identity per user to operate in a compliant, trusted fashion across federated organisations. For companies deploying Service Oriented Architecture (SOA) and Web Services, FIM provides policy-based integrated security management for federated web services.

Tivoli Federated Identity Manager enables the creation of a single user identity per user through Single Sign On. This identity is shared across organisations within a defined ‘federation’ to simplify administration and speed up communication. Built on a number of SSO federated identity and Web Services security standards, organisations with compatible standards (including Liberty Alliance specifications, SAML, WS-Federation, WS-Security and WS-Trust ) can swiftly exchange third-party knowledge and services.

Tivoli Federated Identity Manager operates by defining roles between the parties sharing information.The roles are divided into ‘identity providers’ and ‘service providers’. Depending on the relationship between parties, organisations can assume one or both of these roles.

The identity provider takes responsibility for issuing and validating identities and network credentials for end users. The identity provider defines the access employees, customers, and contractors have with service providers.

The service provider delivers the requested services for the end user based on the credentials issued by the identity provider.

In the case of a service-oriented architecture (SOA) environment an additional infrastructure service is required to simplify the management of security policies for both Web services requesters (service clients) and the Web services providers that need to be authenticated by service clients.

Federation, delivers a simple framework that removes the need for service providers to provide unnecessary account enrolment and the ongoing management costs that come with identity management. With the identity provider guaranteeing the credentials of the user the service provider only delivers the business services requested. As a result not only do both parties reduce costs across client support, but business process and effective decision making becomes faster and more effective.

Organisations working together in identity-based business processes reap substantial benefit from IBM Tivoli Federated Identity Manager. The benefits of Federated Identity Management include:


IBM Tivoli Federated Identity Manager uses IBM's Integrated Solutions Console (ISC) (included with FIM) to provide an intuitive web-based administrative console that combines FIM's services into one location. These services include:


IBM Tivoli Federated Identity Manager also includes IBM Tivoli Access Manager for e-business V5.1, IBM Tivoli Direcory Integrator V6.0, and IBM WebSphere Application Server Network Deployment V6.0.

Related Links: