How Identity Management and Security are related?
A client uses an identity (most of the time it is a user identity) to gain access to the service it needs. A typical SOA solution is distributed over multiple security domains and there could be several identities attached to a single user in different security domains. This poses some problems with traditional security approaches. The security infrastructures may vary among the various backend systems, so users may need to be authenticated for each system. The other problem is related to the SOA service composition layer, which might be calling many different atomic services falling under different security domains. The absence of overall security context makes it difficult to associate multiple user identities.
