IBM Tivoli Extends Identity Management Offering

The Tivoli Federated Identity Manager, slated to be unveiled Monday, aims to extend the perks of single-sign on from inside a company across corporate boundaries. The software is scheduled to ship in 30 days, according to IBM.

"This federation technology will make it easier for partners and solution providers to integrate their ecosystems together," said Joe Anthony, director of identity management for IBM Software's Tivoli group, based in Austin, Texas.

As an example, Anthony cited a company's need to allow employee access to 401k balances, the status of health insurance claims and other information that may be housed outside the corporate firewall but must be accessed securely. "Until now, when you thought of single sign-on, you thought about it being inside a company. This extends beyond that," he said.

From the user's perspective, the original point of sign-on is where the authentication and the identity provisioning are handled, Anthony added. "We hope our software is on both sides of the interaction, but they don't have to have our product on the other side of the connection. We interoperate [with other standards-based offerings]," he said.

Tivoli Federated Identity Manager supports the SAML, WS-Federation, WS-Security and WS-Trust standards. It also supports the Sun Microsystems-led Liberty initiative. IBM said Tivoli Federated Identity Manager will plug into third-party portals and application servers, as well as its own WebSphere middleware lineup. Business partners DataPower, Layer 7 Technologies, Reactivity, Sarvega and VeriSign are supporting the software in solutions, IBM said.