The Liberty Alliance Project announced it has collated a series of planned and previously published XML-based specifications into two frameworks. The frameworks are outlined in a white paper published yesterday.

The Identity Federation Framework is based on versions 1.0 and 1.1 of its published specifications for federated single sign-in. The Identity Web Services Framework, meanwhile, is aimed at more advanced identity services such as the discovery of identity services.

Simon Nicholson, chairman of Liberty’s business and marketing expert group, said the frameworks use a modular block architecture, which allows them to fit together as users require.

Nicholson, also Sun’s manager of industry initiatives, said Liberty’s goal is to clarify its original blueprint for members. Liberty was founded in September 2001 by 12 organizations and last week announced its latest expansion to 160 members, with the admission of the US General Services Administration and Department of Defense.

The organization’s membership spans IT vendors, financial services companies and government organizations worldwide, each with differing levels of knowledge and needs for implementation.

“There are 160 organizations in Liberty that are looking for a greater degree of clarity about how this all fits together. The deeper you go, the more complex it [Liberty] is,” Nicholson said.

The Identity Federation Framework will be filled out further by the middle of 2003. The group will add capabilities for single sign-in across so-called circles of trust – groups of organizations allied through business and security agreements – and better support for users’ own affiliations, such as a company portal.

A personal profile will also be added that expresses an individual’s common attributes, such as a user name and mailing address, in XML.

The Identity Web Services Framework, meanwhile, currently offers security profiles in WS-Security and Security Assertion Markup Language (SAML), extended client support that lets an ordinary HTTP-based device act as if it has a Simple Object Access Protocol (SOAP) server, the ability to discover identity services, and a template that can be used in the construction of data-based identity services.

Source: Computerwire