Increasingly complex networks and distributed services require new security mechanisms. Both currently available solutions, i.e. directory services and distributed authentication systems have disadvantages that can be overcome by a new approach based on identity mapping.Identity mapping allows to map the identity of one human to different users in various systems. The security features of every system can be fully used and no common denominator limits the power of a single system. This paper describes the different types of mappings that are necessary to implement such a system. Mappings cannot occur only on a user-user basis but also roles and groups have to be considered to correctly represent modern security issues.