The Internet of Everything (IoE) is creating many new scenarios where both people and things (i.e., machines or devices) in an enterprise environment are interconnected through the enterprise's information technology (IT) infrastructure to form an enterprise ecosystem (i.e., an enterprise network domain). Moreover, enterprises are now partnering to form partner ecosystems that allow partner vendors to service enterprise devices or provide other support services to the enterprise ecosystem. The number of IT partners supporting or otherwise connected to an enterprise ecosystem can be very large, thereby causing the enterprise ecosystem to become quite complex. Enterprise ecosystems become even more complex when IT partners connect through the cloud. Due to the increased use of cloud infrastructure and the increased number of partnerships, the overall infrastructure complexity is rapidly increasing.
In order to utilize partner ecosystems, enterprises frequently look for identity brokerage services to allow users from partner enterprises to access their resources and infrastructure. Remote Authentication Dial-In User Service (RADIUS), which was designed with an enterprise focus, is one of the most commonly used protocols for authenticating network-based and remote-access users (or even devices) when devices and/or users need authentication services to access resources included in an enterprise network domain. Additionally, in some instances, two enterprises may agree to form a federation relationship that helps broker information from one identity database in a first enterprise network domain to another that is maintained and managed by a different enterprise network domain. In a federation relationship, the partner enterprises are interconnected and configured to operate in a common management framework under a common management authority. The interdependency between different entities in cross-domain relationships further increases the infrastructure complexity.
Like reference numerals have been used to identify like elements throughout this disclosure.