Liberty Alliance Unveils First Specification For User Identity

Sun, others expected to follow with supported products

Printer-friendly version Email this CRN article

As expected, the Liberty Alliance on Monday unveiled its first specification for enabling federated network identity.

Executives from United Airlines, Sun Microsystems, Novell and RSA Security were on hand at the Burton Group's Catalyst Conference here to unveil Liberty Alliance version 1.0--the first from the group, which formed in September to provide a secure specification allowing secure user single sign-on across multiple Web sites.

At the launch, Novell and Sun also demonstrated Liberty-enabled solutions on a company intranet and an Internet e-commerce application. Both companies, as well as RSA Security, are expected to have Liberty-supported products by the end of the year, company representatives said.

On Tuesday, Sun is expected to make a Liberty-related announcement with the debut of an enhanced Sun ONE Network Identity Platform, a Sun spokeswoman said. Sun also said it will announce several new partners supporting its platform.

Liberty, led by Sun and 15 other board members, is aiming the spec directly at Microsoft's Passport service, which allows a similar single sign-on but gives Microsoft control of user information.

"No one trusts one identity provider," said Sun Executive Vice President of Software Jonathan Schwartz at the launch. "This is all about offering to enterprises and consumers control [of information."

The new spec has five features to facilitate secure sign-on to intranet and Internet sites, allowing users to decide if they want to link that sign-on to a company's other partner sites, said Rob Robless, CTO of United Airlines.

Those features include opt-in account linking, so a user can choose whether or not to link an account to another Liberty-enabled site; simplified sign-on, so a user is not required to log in again to a linked site; and authentication context, so linked companies can decide on the basis to authenticate a user when he or she logs in.

Other features are global log-out that logs a user out of all the linked sites when he or she logs out on one; and the Liberty Alliance client feature, which implements the Liberty 1.0 spec on a particular fixed or wireless client.

Printer-friendly version Email this CRN article