Evaluation of Different Open Source Identity Management Systems

Ghasan Bhatti, Syed Yasir Imtiaz
Linköpings universitet, Sweden
[ghabh683, syeim642]@student.liu.se

1. Abstract

Identity management systems are tools that secure users' digital identities in a consistent, automated and interoperable way. Many open source identity management solutions are used by organizations to secure and manage the identities of their users. In this document we discuss several open source identity management systems and compare and evaluate the features and services they provide to their users.

2. Introduction

A digital identity is the record or profile of an individual, stored in electronic format and managed as a single unit in an identity system. An identity management system aims to protect users' digital identities so as to provide security, consistency, privacy and interoperability. Microsoft .NET Passport, which is proprietary to Microsoft, is a well-known identity management system used by every Microsoft user. Besides this, there are many open source identity management systems in use in organizations, meeting their needs for data privacy, accountability management and resource management for their users. Here we describe and evaluate a few of them. The identity management systems we evaluate are:

1. Open Web SSO
2. Open Privacy
3. Shibboleth
4. Bandit

3. Open Web SSO

The main purpose of Open Web SSO is to provide an infrastructure for identity services that makes Single Sign-On possible for web applications. [1]

3.1 Basic Architecture:

We describe the basic architecture of Open Web SSO using a use case diagram.
In this diagram the User can be an End User, who has no administrative roles, or an Administrator, who has administrative roles; the <<system>> web application is responsible for hosting the business application, and the <<system>> SSO agent is responsible for validating user sessions. [2]

Figure 1: Setup with SSO Agent

3.2 Scenarios:

1. Access Web Application

If a user wants to access a web application, the following steps are involved.