Federated Identification testing

We performed testing on a leading vendors “Federated Identity” (FI) product to determine if the offering would meet the requirements of the contractor. The concept was that the FI would be able to determine through heuristic analysis whether or not the user who is logged in is who they say they are or if they have some kind of virus causing unwanted behavior by the computer. The FI system would then shut down the network connection the system was using and alert the Systems Administrator that there was an issue. The system was well thought out but had issues that need improvement (cross domain security specifically) that we were able to help point out for the vendor to make the product more applicable to the SOCOM network.