Search:

Google, NTT and the US GSA Deploy SAML 2.0 for Digital Identity Management

Organizations Worldwide Leverage SAML 2.0 Liberty Federation to Enable New Business Services, Help Meet Regulatory Requirements and Provide Users with Better Protection Against Online Fraud and Identity Theft

Tuesday, January 29, 2008

Liberty Alliance – January 29, 2008 – Liberty Alliance, the global identity consortium working to build a more trusted internet for consumers, governments and businesses worldwide, today released highlights of SAML 2.0-based digital identity management applications that are delivering real world value to users and organizations around the globe. These applications are among the many public and private sector deployments helping to drive a more secure and privacy-respecting internet identity layer across applications, sectors and regions based on SAML 2.0 standards.

“Virtually all federation efforts and almost all federation product vendors have built-in SAML 2.0 support,” said Gregg Kreizman, research director, Gartner. “Governments and enterprises planning new identity federations should base their implementations on the SAML 2.0 standards.”*

 

Standard in Use in the Global Government and Public Sectors

With government organizations in The Americas, Asia, Australia and Europe building and deploying SAML 2.0-based identity applications, SAML 2.0 has become the standard of choice in the global eGovernment and public sectors. These governments are relying on SAML 2.0 to deliver a wide variety of new online services to citizens, help meet compliance mandates and to provide business and trading partners with a secure and trusted platform for conducting identity related transactions. A digital map and description of global eGovernment deployments based on SAML 2.0 Liberty Federation is available.

“The beauty of the proven interoperable SAML 2.0 standard is that it has been developed with input from deployers and vendors of digital identity management solutions to support a broad range of online identity related transactions,” said Roger Sullivan, president of the Liberty Alliance Management Board and vice president of Oracle Identity Management. “From authenticating at social networking sites to enterprise, financial and government transactions requiring the highest degree of security and privacy protection, SAML.2.0 is providing the foundation for organizations in every sector to build and deploy successful digital identity management solutions.”

 

Cross-Industry Demand for Secure and Privacy-Respecting Digital Identity Solutions

The applications highlighted today are only a small sample of the hundreds of B2B and consumer-facing SAML 2.0–based deployments and proof-of-concept applications in the global identity market. These applications span vertical segments where users and deploying organizations demand the highest levels of security and privacy protection and proven interoperability is critical to managing wide scale digital identity management solutions. Liberty Alliance maintains a list of deploying organizations with highlights from the applications announced today including:

Google – Using SAML 2.0 allows Google's customers to treat web-based authentication to Google Apps™ the same way they treat authentication to their other services. "We're extremely happy with the number of products that natively support SAML, as well as the number of people available to help our customers use it," said Gabe Cohen, product manager, Google Enterprise. "We chose to support SAML because it provides immense flexibility as a robust standard and the security that our customers demand. Ultimately, we want our customers to make their own decisions about their security and authentication policies, and SAML makes it easy." For more information on Google Apps, visit www.google.com/a.

NTT - NTT has developed SASSO, a personal Identity Provider that enables users to single-sign-on to a PC and leverage the strong authentication capabilities of the mobile phone to conduct a wide range of secure identity-based transactions. SASSO uses the increasingly ubiquitous mobile phone as an Identity Provider (IdP) to allow users to access a Service Provider (SP). Once authenticated by their own mobile phone, the IdP on the mobile phone issues a SAML assertion signed by a private key and sends that assertion to SPs. The application drives strong authentication into online transactions and leverages the convenience and privacy capabilities of the mobile phone to allow users to better control their own identity information. A Liberty Alliance SASSO case study is available.

“Our technology employs mobile phones and SAML 2.0 to strike the tough balance between security and privacy concerns on the one hand, and usability on the other—two necessities in the modern world,” said Dr. Kenji Takahashi, senior research engineer and supervisor, NTT Information Sharing Platform Laboratories.

The US GSA E-Authentication Solution - Originally launched in 2002 as part of the President's Management Agenda, E-Authentication Solutions assists federal agencies in mitigating the security and privacy risks associated with e-government and helps control government costs associated with authenticating large numbers of end users. In October 2007, the US General Services Administration (GSA) announced that passing Liberty Alliance SAML 2.0 interoperability testing is a prerequisite for participating in the US E-Authentication Identity Federation. The decision by E-Authentication Solutions to have vendors pass Liberty Alliance SAML 2.0 testing recognizes the important role proven interoperability plays in advancing identity federations. More information about the E-Authentication Solution is available at http://www.cio.gov/eauthentication/.

“E-Authentication Solutions wants federal agencies to be able to select the software that meets their unique business requirements while also delivering assurances that it will interoperate with other applications used within the Federation,” said Myisha Frazier-McElveen, Acting Program Executive, E-Authentication Solutions. “The US GSA is requiring vendors to pass Liberty Alliance SAML 2.0 interoperability testing to help ensure identity products can interoperate from day one and provide long-term business value to US Government Agencies.”

* Source: Gartner, Inc. “The U.S. Government’s Adoption of SAML 2.0 Shows Wide Acceptance”, by Gregg Kreizman, John Pescatore and Ray Wagner, October 29, 2007

 

About Liberty Alliance

Liberty Alliance is the only global identity organization with a membership base that includes technology vendors, consumer service providers and educational and government organizations working together to build a more trusted internet by addressing the technology, business and privacy aspects of digital identity management. The Liberty Alliance Management Board consists of representatives from AOL, BT, France Telecom, HP, Intel, Novell, NTT, Oracle and Sun Microsystems. Liberty Alliance works with identity organizations worldwide to ensure all voices are included in the global identity discussion and regularly holds and participates in public events designed to advance the harmonization and interoperability of CardSpace, Liberty Federation (SAML 2.0), Liberty Web Services, OpenID and WS-* specifications. More information about Liberty Alliance as well as information about how to join many of its public groups and mail lists is available at www.projectliberty.org.