Umesh Rajbhandari and I have documented the design of an Identity and Access Management (IAM) system that we successfully built for a large Australian corporation. We call our unique architectural approach "LIMA" (Lightweight/Low-cost/Loosely-coupled Identity Management Architecture).
The document describing LIMA is here. [Update 20/03/2012: I have changed the link to point to the InfoQ site instead of my own hosted copy because that was one of the conditions of publication.]