A digital identity comprises a limited set of attributes of a "real-life identity" that characterizes a person or organization. Such an attribute can be a name, an affiliation or a credit card number. In decentralized environments such as service-oriented architectures or the Internet, a person often holds a multitude of digital identities, one for each system they interact with.
As this number increases, managing digital identities and their associated authentication credentials becomes cumbersome for most computer users and carries significant security risks. Users not only have difficulty remembering their passwords, they also bear a great burden in keeping their account information up to date.
In our research, we are investigating approaches to identity management that overcome these limitations. In particular, we are focussing on open identity management models, which can incorporate identity attributes not only from one source, such as a local LDAP directory, but from many sources and even across domains.