Enterprise Software, Wireless Leaders Join World’s Largest Collection of Certified Interoperable Federated Identity Solutions
San Francisco – The Liberty Alliance, the global consortium developing an open federated identity standard and business tools for implementing identity-based services, today announced products and services from nine companies have earned the Liberty Alliance Interoperable mark in the latest Liberty-sponsored conformance test. The Liberty Alliance continues to be the only organization to offer more than simple specification interoperability testing and officially validate Liberty implementations in products and services.
Ericsson, Hewlett-Packard, IBM, Netegrity, Novell, Oracle, Ping Identity, Sun, and Trustgenix are among companies to be awarded the “Liberty Alliance Interoperable” mark. Following a rigorous testing process, conformant products may display the Liberty Alliance’s highest stamp of quality, which offers buying assurances to end customers that products are truly interoperable out-of-the-box, shortening deployment cycles, increasing productivity and saving costs.
“Participants are responding to market demand for validation of quality and assurance of true interoperability,” said Nick Ragouzis, chair of the Liberty Alliance Conformance Expert Group and of NTT. “The conformance program offers vendors and service providers the opportunity to respond to the customer mandate for products and services that have earned the ‘Liberty Alliance Interoperable’ mark.”
“Assurance of interoperability of products and services is of highest importance to enterprises making infrastructure investments in order to reduce costs and speed time to deployment,” said Ray Wagner, vice president and research director in information security strategies, Gartner. “Standards-based groups that offer interoperability focused conformance programs that are widely accepted by vendors can provide customers with such assurance.”
The Liberty conformance program requires that each company successfully complete tests against scripts and scenarios published by the Liberty Alliance Conformance Expert Group. As part of the testing, companies must demonstrate interoperability with at least two other randomly selected participants. The program requires repeated operation of the Liberty specification’s core features in many combinations and sequences and in different roles and contexts common to real-world deployments. Testing reviewed identity federation, authentication context, session management and privacy protections.
“Products and services implementing Liberty Alliance’s open standard for federation framework (ID-FF) offer substantial benefits to long-recognized and costly problems including cost, complexity and scalability,” said Michael Barrett, president of Liberty Alliance and vice president of privacy and security at American Express. “Companies who have earned the ‘Liberty Alliance Interoperable’ mark report that customers more easily create partnerships, in part because displaying the mark delivers instant market credibility and assures rapid deployment.”
At the conformance test event held in Chicago, Illinois during the week of June 14-18, 2004, the following products and services demonstrated conformance with the Liberty Alliance Identity Federation Framework version 1.1 and 1.2 (ID-FF1.1 and ID-FF1.2):
Ericsson – Ericsson’s Liberty-interoperable User Session & Identity Server (USIS) product is the core of the Ericsson identity management solution for telecom operators. The main features of the product are session management, user identity management, user authentication and service authorization based on user profile. The Ericsson USIS 1.0 product is commercially available and it has achieved certification for ID-FF 1.2 as a functional upgrade of the certification of ID-FF 1.1 already achieved in December 2003.
Hewlett-Packard – HP OpenView Select Access 6.0 has implemented support for ID-FF 1.2. The incorporation of ID-FF 1.2 provides support for identity federation, single sign-on (SSO), and global logout across corporate boundaries using both the artifact and POST profiles. Other supported features include the Register Name Identifier, Federation Termination Notification, and Identity Provider Introduction.
IBM – The IBM Tivoli Access Manager software family, with upcoming identity federation capabilities, will provide an initial point of contact for a federated security solution and a conduit for extending single sign-on, authorization and identity management beyond the enterprise to a federation of partners.
Netegrity – Netegrity considers identity federation to be a critical component of an enterprise identity and access management solution. Netegrity’s Web access management solution, SiteMinder, provides a shared security infrastructure for companies to consistently enforce security, deliver SSO, and provide multi-protocol, identity federation services for Web users and applications. To specifically enable Liberty-compliant, browser-based identity federations, SiteMinder provides a comprehensive Liberty Alliance ID-FF solution, supporting both Identity Provider and Service Provider modes of federation. Netegrity’s Liberty Alliance Interoperable solution, SiteMinder Federation Solution Module v6.0, is provided as an add-on for SiteMinder v5.0 or later and is available immediately.
Novell – Novell is developing a Web authentication/authorization product that enables the secure federation of identity data through both the Liberty Alliance specifications and the SAML protocol. With this, customers will have one of the industry’s first viable options for establishing trusted relationships with business partners based on open standards. It is scheduled to ship in the first calendar half of 2005.
Oracle – Oracle Identity Management, is an integrated, scalable and robust identity management infrastructure with federated identity capabilities. Oracle Identity Management supports the full complement of Liberty ID-FF v1.1 protocols, allowing customers to deploy Liberty Identity and Service Providers in a circle of trust.
Ping Identity – SourceID Liberty 2.0 is an open source stand-alone identity federation server — enabling Liberty ID-FF 1.2 while focusing on extensibility and flexibility. SourceID Liberty 2.0’s core is a workflow engine. This workflow engine allows implementers to extend the behavior of a protocol for a specific implementation. In this way, the workflow architecture provides integrators and developers a great deal of extensibility and flexibility in deployment.
Sun Microsystems – Sun Java System Access Manager provides open, standards-based authentication and policy-based authorization with a single, unified framework for: securing the delivery of essential identity and application information, improving the user experience through single sign-on, and enabling trusted networks with partners, suppliers and customers. Access Manager was among the first identity management products to support federation standards, including both the Liberty Alliance Phase 2 and SAML 1.1 specifications, and is now certified interoperable with Liberty Alliance ID-FF 1.2.
Trustgenix – Trustgenix’s IdentityBridge®, available now, provides easy-to-deploy federated identity management on top of existing identity management systems and homegrown solutions. IdentityBridge is the only federation solution that supports all popular federated identity protocols (including Liberty ID-FF 1.2, Liberty ID-FF 1.1, the Liberty Extended Profiles, and SAML), which makes it ideal for connecting the heterogeneous extranet. Trustgenix’s IdentityBridge effectively delivers web single sign-on, privilege management, federated session management, and automated provisioning in the extended enterprise and mobile web, without requiring a centralized data repository or synchronization between repositories.
Liberty Alliance maintains a list of all products and services that have passed the conformance testing procedures and can bear the Liberty Alliance Interoperable logo. See its website at: www.projectliberty.org/conformance.
About the Liberty Alliance Conformance Program
The conformance program managed by the Liberty Alliance validates implementations of the Liberty Alliance standards for federated network identity. The program helps vendors, integrators and implementers ensure interoperability between Liberty-enabled solutions. Liberty Alliance will be offering additional conformance events, expanding to include products and services implementing Liberty Alliance’s Identity Web Services Framework. Interested parties should contact Liberty Alliance at firstname.lastname@example.org for logistics and registration information. The program is open to both members and non-members.
About the Liberty Alliance Project
The Liberty Alliance Project (www.projectliberty.org) is an alliance of more than 150 companies, non-profit and government organizations from around the globe. The consortium is committed to developing an open standard for federated network identity that supports all current and emerging network devices. Federated identity offers businesses, governments, employees and consumers a more convenient and secure way to control identity information in today’s digital economy, and is a key component in driving the use of e-commerce, personalized data services, as well as web-based services. Membership is open to all commercial and non-commercial organizations.
If you are interested in seeing the full list of Liberty Alliance members or are interested in becoming a member, please visit us at www.projectliberty.org.