Identity-Enabled Applications in the Healthcare, Financial Services, Telecom and Open Source Sectors Receive Identity Deployment of the Year Awards
Liberty Alliance – July 17, 2008 — Liberty Alliance, the global identity community working to build a more trust-worthy internet for consumers, governments and businesses worldwide, today announced Aetna, Citi, Deutsche Telekom AG and UNINETT have won the 2008 IDDY (Identity Deployment of the Year) Award. This year the judging panel awarded IDDYs in three categories covering Liberty-based deployments, Liberty-based emerging applications and multi-protocol identity-enabled solutions incorporating open identity specifications from Liberty Alliance. Winners will receive the IDDY Award on-stage at CSO Magazine’s Digital ID World 2008 conference in Anaheim CA on September 9. A photo of the Liberty Alliance IDDY Award is available.
“Now in its third year, the Liberty Alliance IDDY Awards recognize some of the best-of-the best enterprise and user-driven identity-enabled applications in the global marketplace today,” said Brett McDowell, executive director, Liberty Alliance. “Aetna, Citi, Deutsche Telekom AG and UNINETT are to be congratulated for demonstrating winning applications that enable organizations to deliver a variety of secure and more privacy-respecting identity-enabled services to communities, organizations and people worldwide.”
IDDY Award nominations are evaluated based on criteria that include the benefits applications deliver to users and organizations; the ROI the application demonstrates; and how the solution may successfully address identity issues such as reducing identity theft, meeting regulatory requirements or providing users with increased security and privacy protection. The program highlights identity-enabled applications that leverage any of the secure, privacy-respecting and proven interoperable Liberty SAML 2.0 Federation, Liberty Web Services (ID-WSF), Liberty People Service and Liberty Advanced Client specifications.
Representatives from winning organizations will participate in the “Case Studies and Stories from IDDY Award Winners” panel discussion to be held from 12:20 – 1:10 on Tuesday, September 9 at CSO Magazine’s Digital ID World 2008. All DIDW participants are welcome to attend the presentation.
2008 Liberty Alliance IDDY Award Winners
Aetna – Aetna has received an IDDY Deployment Award for an externally hosted online provider portal used for linking healthcare providers with health plans. Working with NaviMedix, the portal includes a variety of tools including transactions and content hosted by Aetna with interfaces to third-party Internet Application Service Providers and Content Service Providers. The deployment was launched in the US in December 2007 and is currently utilized by healthcare providers in all 50 states.
- Highlights – The application delivers seamless and secure single sign-on (SSO) capability into Aetna-hosted applications and identity-enabled transactions. This enables the use of applications without redevelopment, giving a common portal presentation to providers adding enablement of web service transactions within the federated context. Since deploying the application, Aetna has been able to increase its offering of tools and features that help providers conduct simplified administrative transactions, reduce paper-based communications, and access clinical decision support tools. The solution allows for the quick roll-out of new applications and services throughout the provider network.
- Technologies – The application leverages SAML 2.0 for browser-based SSO, DSML for downstream identity provisioning, and Web Services Security for authorization and signature of entitlements. Requests and responses using X.509 certificates are scheduled for implementation during 3Q of this year.
Citi – Citi’s Global Transaction Services has received an IDDY Deployment Award for providing managed identity services that help institutional clients utilize digital credentials and signature technologies in a comprehensive and legally binding manner. Citi is both a Credential Service Provider and a Relying Party as defined in the Liberty Identity Assurance Framework (IAF). As a trusted financial services provider to the world’s top corporations and governments in more than 100 countries, Citi is addressing identity challenges in establishing trust in B2B and B2G identity-enabled transactions by coupling rigorous internal processes with proven identity management technologies.
- Highlights – The goal of managed identity services is to create value for Citi clients including: greater visibility into the actions of authorized end users and their role as defined by internal processes; control and governance over the access and activities of end users; and assurance of identity, non-repudiation and document integrity to mitigate risk associated with sensitive business processes when transacting with business partners.
- Technologies – The identity-enabled services Citi provides are dependent on technologies spanning the web (HTTP/HTTPS), web services (SAML, WS-Security, SOAP), PKI (Certificate Authorities, X.509, PKCS#7), strong authentication technologies (HSM, KSM) records management and entitlement management (XACML), identity platforms (RDBMS, LDAP), document formats (PDF, XML) and development platforms (.NET, Java).
Deutsche Telekom AG – Deutsche Telekom AG has received a Multi-Protocol IDDY Award for its identity application designed to lower implementation barriers when it comes to the delivery of Online/IP-based services to consumers. Initially launched in 2002 and winner of the 2006 IDDY Award, the application has been steadily enhanced to offer multi-protocol capabilities for service provider interfaces as well as for authentication methods and automatic user identification. The application serves the requirements of the mass market for Online/IP-based consumer applications by providing fundamental functionalities such as Single Login, Automatic identification, Single Sign On and Single Logout.
- Highlights – With Deutsche Telekom AG serving as an identity provider, the application is a key business enabler for offering Online/IP-based services to Deutsche Telekom AG customers. The application ensures easy implementation of consumer services and shortens the time-to-market for new service offerings. It allows quick and cost-efficient link-up with partners using the identity standard protocol that fits best and reduces the complexity of the IT-architecture. The application provides consumers with a unique and consistent user-interface that is easy-to-use, transparent and secure.
- Technologies – With the goal of tying a wide variety of Online/IP-based consumer services together by means of a common identity management user experience and to provide scenario-focused login methods, the application currently supports SOAP/XML, Secure Token Service, ID-FF 1.2, SAML 2.0, HTTP Basic and HTTP Digest, as well as different authentication methods. The underlying architectural guidelines make it possible to integrate further IDM protocols with the latest enhancements moving to provide preliminary support for OpenID 1.1, OpenID 2.0 and Microsoft CardSpace.
UNINETT – has received an Emerging Application IDDY Award for SimpleSAMLphp, an open source lightweight implementation of several federation protocols written in PHP. Free to download and available in 15 languages, simpleSAMLphp is a platform for quick implementation of emerging standards or identity-enabled proof-of concept (POC) applications. The software implements Web SSO, and can be applied in any deployment where users need to be authenticated to a World Wide Web Service.
- Highlights – The simpleSAMLphp core is widely used in production deployments, providing a platform for use where the path from POC to production does not need to be long. With simple installation, configuration and maintenance, users save time, resources and money. The flexible solution integrates with existing systems and makes it easy to incorporate new emerging standards. Features such as the User Consent module give users more control and knowledge about the exchange of personal data when conducting online identity-enabled transactions.
- Technologies – SimpleSAMLphp supports identity protocols such as SAML 2.0, Shibboleth 1.3 and WS-Federation. Experimental functionality is ongoing with several other protocols including OpenID, A-Select and PAPI.
About the Liberty Alliance IDDY Award
The Liberty Alliance IDDY Award recognizes digital identity deployments and the up-and-coming identity-enabled applications that incorporate identity specifications and policy frameworks from Liberty Alliance. Previous IDDY Award winners are eBIZ.mobility, EduTech, Deutsche Telekom AG, The New Zealand Government, NTT Labs, Rearden Commerce and the UK Government Authentication Gateway. Judges for the 2008 award include Bob Bragdon, Publisher, CSO Magazine; Michael Barrett, CISO, PayPal, Inc.; Michelle Dennedy, CPO, Sun Microsystems; John Fontana, Senior Editor, Network World; Gerry Gebel, VP & Service Director, Identity and Privacy Strategies, Burton Group; Paul Madsen, Liberty Alliance Technology Expert Group and Identity Standards Researcher, NTT; Roger Sullivan, president of Liberty Alliance and vice president Oracle Identity Management; and Robin Wilton, Liberty Alliance Public Policy Expert Group and Corporate Architect, Sun Microsystems. More information about the IDDY including links to case studies detailing previous winning applications is available.