This paper provides a high-level example of how privacy preferences can be handled using a multileveled policy approach in the communication between a service provider and a Web services provider. Nov. 2003

Liberty Alliance Web Services Framework: A Technical Overview

idwsf-intro-v1.0.pdf 1,007.91 kB

  • Technical Comparison of SAML 2.0 and OpenID
  • Next Generation of Digital Identity (Telenor Whitepaper)
  • Simplifying Federation Management with the Federation Router (HP Whitepaper) – ( HP SF Router whitepaper.pdf 750.73 kB )

Whitepaper: Simplifying Federation Management with the Federation

Federation, how it works, deployment models.

Simplifying Federation Management with the Federation Router; HP Select Federation
Prepared by: Jason L Rouault, HP

Liberty Identity Assurance Framework v1.0

Liberty Alliance formed the Identity Assurance Expert Group (IAEG) to foster adoption of identity trust services. Utilizing initial contributions from the e-Authentication Partnership (EAP) and the US E-Authentication Federation, the IAEG’s objective is to create a framework of baseline policies, business rules, and commercial terms against which identity trust services can be assessed and evaluated. The goal is to facilitate trusted identity federation to promote uniformity and interoperability amongst identity service providers. The primary deliverable of IAEG is the Liberty Identity Assurance Framework (LIAF).

The LIAF leverages the EAP Trust Framework [EAPTrustFramework] and the US E-Authentication Federation Credential Assessment Framework ([CAF]) as a baseline in forming the criteria for a harmonized, best-of-breed industry identity assurance standard. The LIAF is a framework supporting mutual acceptance, validation, and life cycle maintenance across identity federations. The main components of the LIAF are detailed discussions of Assurance Level criteria, Service and Credential Assessment Criteria, an Accreditation and Certification Model, and the associated business rules.

Assurance Levels (ALs) are the levels of trust associated with a credential as measured by the associated technology, processes, and policy and practice statements. The LIAF defers to the guidance provided by the National Institute of Standards and Technology (NIST) Special Publication 800-63 version 1.0.1 [NIST800-63] which outlines four (4) levels of assurance, ranging in confidence level from low to very high. Use of ALs is determined by the level of confidence or trust necessary to mitigate risk in the transaction.

The Service and Credential Assessment Criteria section in the LIAF will establish baseline criteria for general organizational conformity, identity proofing services, credential strength, and credential management services against which all CSPs will be evaluated. The LIAF will also establish Credential Assessment Profiles (CAPs) for each level of assurance that will be published and updated as needed to account for technological advances and preferred practice and policy updates.

The LIAF will employ a phased approach to establishing criteria for certification and accreditation, first focusing on the certification of credential service providers (CSPs) and the accreditation of those who will assess and evaluate them. The goal of this phased approach is to initially provide federations and Federation Operators with the means to certify their members for the benefit of inter-federation and to streamline the certification process for the industry. Follow-on phases will target the development of criteria for certification of federations themselves and a Best Practice guide for relying parties.

Finally, the LIAF will include a discussion of the business rules associated with IAEG participation, certification, and accreditation.

An Overview of the Id Governance Framework

The secure and appropriate exchange of identity-related information between users and applications and service providers (both internal and external) is the basis of providing deeper and richer functionality for service-oriented architecture.

Sensitive identity-related data such as addresses, social security numbers, bank account numbers, and employment details are increasingly the target of legal, regulatory, and enterprise policy. Examples include, but are not limited to, the European Data Protection Initiative, Sarbanes-Oxley, the PCI Security standard, and Gramm-Leach-Bliley.

The Id Governance initiative assists entities managing identity data with increased transparency and demonstrable compliance with respect to policies for identity-related data. It would allow corporations to answer questions such as: Under what conditions may user social security numbers be accessed by applications? Which applications had access to customer account numbers on January 27, 2007?

Privacy Summit Meeting at Net-ID Berlin – Summary Report

Liberty Alliance Commitment to Open Standards

This document briefly describes Liberty’s philosophy of open standards and the importance of an open development process.

Liberty Alliance Contractual Framework Outline for Circles of Trust

This document provides guidance on suggested business structures and terminology for a Liberty-enabled technology deployment necessary to create a legally binding Circle of Trust (CoT). Its purpose is to facilitate a Liberty-enabled deployment of identity management specifications and technology by assisting stakeholders and their legal and executive management teams in the identification of the legal structure best suited for their deployment. Such structures and contractual agreements among participating parties serve to create a trusted and legally binding relationship among the participants.

Digital Identity Management A Critical Link to Service Success: A Public Network Perspective

This research, conducted by the Telecompetition Group, looks at the opportunity and challenges facing all public network operators, whether they have fixed, wireless or mixed infrastructure. Such large, capital-intensive companies have survived many societal transformations and in many ways, they have thrived. The roadmap is not quite as clear as we look forward at the next transformation: to a world where many different players are able to deliver compelling content and services, often without the burden of large investments in infrastructure. The operator becomes the pipe while others enjoy the openness and other benefits of IP-based technologies. The study analyzes identity management and its crucial role in enabling personalized services. Identity management is viewed as a crucial element in a basket of technology enablers that will be instrumental in preventing network operators from experiencing a dreaded “bit pipe” fate. Wireless operators are also at risk, right along with their fixed line counterparts. The analysis focuses on a high level global view through 2015, providing quantitative and qualitative analysis.

A Privacy Policy Framework – A position paper for the W3C (Oct. 2006)

This paper provides a privacy policy taxonomy and an overview of XML-based syntaxes. It also provides a thorough review of Liberty ID-WSF as a Privacy Policy Framework.

Business Guidelines: Raising the Business Requirements for Wide Scale Identity Federation

Identity federation and the Liberty Alliance specifications provide businesses, governments and individuals with substantial benefits; offering them choice, convenience and control over how they can manage and share identity information. The purpose of this document is to identify the general business considerations that must be addressed by any organization exchanging identity information beyond company boundaries in today’s complex federated identity environment.

Liberty RFI Response

Liberty e-Prescription Scenario

Handout from HIMSS detailing how federation can be used to assist in an e-Prescription deployment to assure privacy and security.

eperscrip.pdf 310.30 kB
