IBM and Microsoft want to federate your identity
By Alun Williams
Posted on 9 Jul 2003 at 12:37
Microsoft and IBM have shown their plans for managing user identities online across Web services.
The two companies, along with RSA Security, BEA Systems and VeriSign, have published a specification for WS-Federation, which deals with problems of how to establish and manage business relationships via trusted third parties.
The plans envisage a 'federated identity' system that can support single sign-ins - eg a single login can be propagated across all trusted systems. For example, if someone logs in with service-provider A, then - seamlessly and transparently - their identity can also be accepted by service-provider B to provide supplementary data or information. For example, an online travel agency could securely arrange flight bookings with an airline and arrange car hire, without the user having to re-identify themselves to each of the companies involved.
IBM and Microsoft published a specification for establishing secure Web Services (WS-Security) - back in April.
In addition to WS-Federation, they have also announced other modular specifications, such as WS-Trust (establishing direct and brokered trust relationships), WS-Privacy (how Web services should state and implement a privacy policy), WS-Secure Conversation (how the secure exchange of messages should be authenticated), WS-Policy (defining what a WS-Security policy can and can't do), and WS-Authorisation (how Web services themselves manage and authorize data and policies.
Only the specifications for WS-Privacy and WS-Authorisation now remain to be published.
IBM and Microsoft are expected to present a demonstration of WS-Federation at the Burton Group Catalyst Conference in San Francisco today.
The scheme is a rival to Sun Microsystems-backed Liberty Alliance Project. Established back in September 2001, Liberty Alliance specifications have begun to find their way into Sun software, specifically the Sun ONE Identity Server at the beginning of this year.
A key feature of the server is the ability to 'federate identities' via the Liberty Specification or SAML (Security Assertion Markup Language).
Vodafone is amongst those thought to be planning implementations of Liberty Alliance's management of federated identities. The telecom sector is keen to raise revenue from new services. These will involve third-parties interacting, on a trusted basis, with a telco's established customer base.
Over thirty major companies have signed up to participate in the project. Charter members include Sony, Cisco Systems, eBay, VeriSign, Vodafone and NTT DoCoMo (and not IBM).
Part of Liberty's goal is to work closely with other standards bodies in advancing federated network identity. To that end it announced at the start of the year that it had contributed version 1.1 of its federated network identity specifications to OASIS (Organization for the Advancement of Structured Information Standards). Specifically, the spec will appear within future versions of the OASIS Open Standard Security Assertion Markup Language (SAML).
See also
From around the web
advertisement
- Laptop bag reviews: nine tested
- Sony VAIO T Series Ultrabook review: first look
- Revealed: the military standards and robots HP uses to test its laptops
- Windows 8: multi-monitors and double standards?
- Why is TalkTalk's year-old porn filter suddenly big news?
- Why are laptop screens so far behind mobiles?
- HP EliteBook Folio review: first look
- The shoebox-sized all-in-one printer
- Forget the Ultrabook: here comes the HP Sleekbook
- HP Spectre XT review: first look
- Why you have to be left in the dark on OS patches
- Is Microsoft mismanaging Windows on ARM?
- Dealing with spam surrogates
- Why 3G broadband can be better and cheaper than ADSL
- Is Twitter bad for business?
- Publishing your email address isn't a security disaster
- Why you'll need a fax machine to develop iOS apps
- Learning to adapt to the mobile web
- Why you shouldn't use WPS on your Wi-Fi network
- Disabled users suffer when software breaks the rules
advertisement
