Checklist: cross-domain identity management
- By Edmund X. DeJesus
- Feb 23, 2009
1. What is the compelling reason for implementing cross-domain identity management? What will it allow your agency to do or do better?
2. Which other agencies do you want to allow access to your resources? What resources belonging to other agencies do you want your employees to access?
3. Can commercial products work with your applications and data?
4. Are the business processes for authentication and authorization well-defined at your agency?
5. What levels of access does your agency have, and what are the criteria for those levels?
6. What roles — as opposed to people — should have authorization to which resources at your agency?
7. What legal, political or security difficulties must your agency overcome to successfully use cross-domain identity management?
8. Do vendor products use open standards in their data exchange?
9. Can your vendor support a pilot project to demonstrate how identity management would work at your agency?