Sun Addresses User Identity Security With Latest Sun ONE Platform


Sun Microsystems last week unveiled technology for building and managing secure single sign-on across multiple partner Web sites, executives said.

The Sun ONE Platform for Network Identity is a combination hardware, software and services platform that includes new versions of Sun ONE Directory Server and Sun ONE Identity Server, said Jonathan Schwartz, Sun's executive vice president of software.

Sun ONE Directory Server 5.2 will be available in November, according to Sun, and Sun ONE Identity Server 6 is available on a limited basis now, with a full product slated to ship in October. These products, whose prices will not be released until they ship, support the Liberty Alliance 1.0 specification.

The Liberty Alliance unveiled its first technology specification for secure user identity across multiple systems last week. The group, led by Sun and 15 other member companies, is aiming its technology directly at Microsoft's Passport service, which allows a similar single sign-on but gives Microsoft control of user information.

The Sun ONE Platform for Network Identity offering also includes Sun security services; the Solaris 9 operating environment; Sun Fire 280R, Ultra and SPARC III servers; and Sun StorEdge storage arrays, according to Sun.

Schwartz said products such as Sun's Liberty-enabled platform open up new business opportunities for companies to partner with one another.

"There's no doubt in anybody's mind that the Internet is a terrific channel not just for services or goods, but it's also an ideal mechanism for partnering," said Schwartz.

He said that the advent of the first Liberty spec makes it possible for vendors to offer standard platforms so companies can more easily link together their systems.

Alex Burdenko, senior software engineer at Boston-based solution provider Back Bay Technologies, said his customers are interested in using Liberty-enabled software to give companies single sign-on capabilities across enterprises.

"Right now, within the firewall, it's possible to [pass user identities across applications within one enterprise," said Burdenko. "Across multiple enterprises and companies, there's no way to pass identities or roles, [providing information on what you can access, what you can't access."

Burdenko said using Sun's solution in conjunction with a portal product, solution providers could aggregate user identities and policies regarding that user activity across multiple enterprises.

He added, however, that there are still security issues involved in passing this type of information between companies.

"How secure is it? You have to ask how secure are the basic protocols of the Internet," said Burdenko. "In the security world, nothing is perfect, but it's as secure as it can be."

Schwartz said Sun plans to Liberty-enable all of its Sun ONE software in the future, including its app server and portal server products.

Sun launched its first network identity solution in March as a set of products and services for enabling companies to lay a secure foundation for Web services and Liberty-based solutions.