What is the Liberty Alliance Project?
What are the objectives of the Liberty Alliance Project?
What is network identity?
What is federated network identity?
What’s driving the need for a federated network identity?
How will federated network identity benefit users?
How are the technical specifications developed within the Alliance?
Liberty Alliance Version 1.x Specifications
What are the Liberty Version 1.x Specifications?
When do you expect to be releasing your next set of specs?
What do the specifications do?
Who can use the specifications?
Why should businesses implement the Liberty specifications?
What are the main benefits to consumers?
What are the Alliances plans for the next release of specifications?
Who can access the specifications? Where can they access them?
When will Liberty-enabled products and services be available?
How many members are currently in the Alliance?
What are the various levels of membership in the Liberty Alliance?
What are “All Participant” meetings?
What companies are on the Liberty Alliance Management Board?
Does it cost money to participate in the Liberty Alliance Project?
How is the Alliance money used?
Q: What is the Liberty Alliance Project?
A: The vision of the Liberty Alliance Project is to enable a networked world in which individuals and businesses can more easily conduct transactions while protecting the privacy and security of vital identity information. To accomplish its vision, the Liberty Alliance will establish an open standard for federated network identity through open technical specifications that will:
- Support a broad range of identity-based products and services
- Enable commercial and non-commercial organizations to realize new revenue and cost saving opportunities that economically leverage their relationships with customers, business partners, and employees
- Provide consumers with choice of identity provider(s), the ability to link accounts through account federation, and the convenience of single sign-on, when using any network of connected services and devices
- Increase ease-of-use for consumers to help stimulate e-commerce
Membership is open to all commercial and non-commercial organizations.
Q: What are the objectives of the Liberty Alliance Project?
A: The key objectives of the Liberty Alliance are to:
- Develop specifications that enable commercial and non-commercial organizations to protect consumer privacy
- Provide an open single sign-on specification that includes federated authentication from multiple providers operating independently
- Enable commercial and non-commercial organizations to control, maintain and enhance relationships with constituents
- Create a network identity infrastructure that supports all current and emerging network access devices
Q: What is network identity?
A: Network identity refers to the global set of attributes that are contained in an individual’s various accounts with different service providers. These attributes include such information as name, phone numbers, social security numbers, addresses, credit records and payment information. For individuals, network identity is the sum of their financial, medical and personal data-which must be carefully protected. For businesses, network identity represents their ability to know their customers and constituents and reach them in ways that bring value to both parties.
Q. What is federated network identity?
A: On a very basic level, federated network identity means consumers and businesses can allow separate entities to manage different sets of identity information. Account federation enables associating, connecting or binding a user’s multiple Internet accounts within an affiliated group established between or among commercial and non-commercial organizations and governed by some legal agreement. Federated single sign-on enables users to sign on with one member of an affiliate group and subsequently use other sites within the group without having to sign-on again.
Q: What’s driving the need for a federated network identity?
A: Network identity management reflects the same interactions in a digital world that businesses and consumers have with each other in real life. For example, in-person relationships consist of security, trust, convenience and often a shared history. A relationship in the digital world should have the same elements.
Understanding and creating the best technical infrastructure to enable these relationships to work in a digital world will help drive the next generation of the Internet-what we call federated commerce. It has the power to drive e-commerce, enhance relationships among businesses and their customers, vendors and employees, and ultimately advance computing in practically every industry.
Q: How will federated network identity benefit users?
A: Federated network identity provides users with a choice as to which companies and how many business entities they wish to trust with their identity and personal information. Federated network identity also provides users with the convenience of being able to login at one service provider’s site and then go to an affiliated site without having to re-authenticate or re-establish their identity.
Q: How are the technical specifications developed within the Alliance?
A. All Sponsors are involved in the development of the spec through participation in one or more expert groups. In addition, the Affiliate and Associate level members have the opportunity to review and comment on the specifications prior to public release. The technical specifications are developed in the Technology Expert Group, based on a set of requirements developed by the Marketing Expert and the Public Policy Expert Groups. The Liberty Alliance Management Board has final voting approval on the specifications prior to public release.
Liberty Alliance Version 1.x Specifications
Q: What are the Liberty Version 1.x Specifications?
A: On July 15, 2002 the Liberty Alliance announced public availability of its version 1.0 specifications, the consortium’s open, platform-agnostic specifications for federated network identity. The version 1.0 specifications focus on interoperability between systems to enable opt-in account linking and simplified sign-on functionality. This allows users to decide whether to link accounts with various identity providers and makes it easier for both consumers and businesses to take advantage of the growing Web services space. . As a maintenance follow-up following a period of public comment, the Liberty Alliance ratified and released the 1.1 identity federation framework specifications on Jan. 15, 2003.
In addition, numerous members of the Alliance have announced directional or specific announcements for how and when they will be implementing Liberty version 1.x specifications within their own company, products or services. The first Liberty-enabled products began shipping in Q4 2002, and many more are anticipated in the first half of 2003.
Q: When do you expect to be releasing your next set of specs?
A: We expect the next specifications to be released in the first half of 2003.
Q: What do the specifications do?
A: The Liberty version 1.1 specifications are the first step in building an open identity federation framework that will enable users to link their accounts with various disparate identity providers. Specifically, the specifications enable the following features:
- Opt-in account linking – Users can choose to link accounts they have with different service providers that are within “circles of trust” (existing business agreements or affinity programs)
- Simplified sign-on for linked accounts – Once a user’s accounts are federated, he/she can log in and authenticate at one linked account and navigate to another linked account without having to log in again.
- Authentication context – Institutions or companies linking accounts can communicate the type and level of authentication that should be used when the user logs into different accounts.
- Global log-out – Once a user logs-out of the site where they initially logged in, the user can be automatically logged-out of all of the other sites the user linked to and still maintains a live session
- Liberty Alliance client feature – This can be implemented on particular client solutions in fixed and wireless devices to facilitate use of the Liberty version 1.1 specifications
The Liberty version 1.1 specifications do not involve the exchange of personal information, but rather a format for exchanging authentication information between companies so as to not reveal the identity of the user. The user may maintain separate identities in different locations.
Q: Who can use the specifications?
A: All types of companies can use Liberty’s open specifications. The broad array of member companies within the Alliance illustrates the range of companies that can benefit from Liberty’s specifications – from wireless operators to financial service companies to hardware and software providers.
Q: Why should businesses implement the Liberty specifications?
A: Enterprises can benefit from using the Liberty specifications in many ways. For example, by enabling interoperability between heterogeneous network identity systems, within or between enterprises, companies can more easily and cost-effectively deploy web-based services. Companies with existing identity management systems (which is nearly anyone with a website with a registration function) will not need to overhaul their existing systems in order to use the Liberty Alliance specifications.
With an open federated network identity platform, companies can consolidate identities within their own enterprise, create strong and trusted relationships with businesses and customers by offering seamless and complementary services, and provide simplified sign-on convenience to all users.
Q: What are the main benefits to consumers?
A: The version 1.1 specifications will allow consumers to choose their identity provider and benefit from the ease-of-use and convenience of simplified sign-on when navigating the Internet from any device.
Q: What are the Alliances plans for the next release of specifications?
A: The Liberty Alliance anticipates that its next major release of specifications will be issued in the first half of 2003. The next release will provide an identity services framework and infrastructure for developing and supporting identity-enabled Web services from companies, organizations or government entities. The infrastructure will include a framework for permissions-based attribute sharing and will allow groups of organizations, often referred to as “circles of trust” or authentication domains, to be linked together, as opposed to operating as separate islands.
Q: Who can access the specifications? Where can they access them?
A: Anyone – members and non-members alike – can access and download the Liberty Alliance specifications directly from the Liberty Alliance website – www.projectliberty.org/specs/
Q: When will Liberty-enabled products and services be available?
A: Some already are, and many more are coming quickly. A complete list of companies who have announced shipping or soon-to-be-available products is available at: www.projectliberty.org/specs/enabled_products.html
Q: How many members are currently in the Alliance?
A: The Liberty Alliance Project currently has 150 members.
Q: What are the various levels of membership in the Liberty Alliance?
A: There are three levels of membership in the Alliance: Sponsor, Associate and Affiliate.
Sponsor membership provides full participation in Alliance working groups for those companies interested in having an active role. The Management Board is made up of Sponsor members who serve split two and three year terms. At the end of their terms, members’ seats are open to all Sponsor members for election. Any Sponsor can become a member of the Management Board at that time.
Associate membership is available to companies interested in participating in the Alliance, but not at the full sponsor level. Affiliate membership is available to non-profit and government agencies free of charge. Both Associates and Affiliates will have the opportunity to view and comment on draft specifications prior to public release, and to participate in special “All Participants” meetings held twice a year.
Q: What are “All Participant” meetings?
A: These “All Participant” meetings are held twice a year and are open to all members at every level. At these meetings, members will receive an update on the tactical and strategic directions of the Liberty Alliance and an opportunity to provide feedback.
Q: What companies are on the Liberty Alliance Management Board?
A. There are currently 12 companies on the management board. They are: American Express, AOL Time Warner, France Telecom, General Motors, Hewlett-Packard Company, MasterCard International, Nokia, NTT DoCoMo, RSA Security, Sony Corporation, Sun Microsystems, and Vodafone.
Q: Does it cost money to participate in the Liberty Alliance Project?
A: There are different fees for Alliance membership, depending on the particular membership level. The annual fee for Sponsors is $120,000 and for Associates is $1,000. There is no fee for Affiliate members
Q: How is the Alliance money used?
A: The Alliance allocates the funds to be used toward development and execution of an architecture, a development/engineering effort, marketing programs, and to cover all the expenses involved in meeting the objectives of the Alliance.