# News & Trends

Greg

Pages: pp. 9-11

## IDENTITY MANAGEMENT, ACCESS SPECS ARE ROLLING ALONG

The concept of streamlined single-sign-on network identity and access management moved forward in the last quarter of 2004, with product announcements from prominent vendors, advances in protocol agreements by industry and standards groups, and more visibility among enterprise users.

A certain amount of long-term uncertainty remains about whichidentity-management technology will fit into a given architecture as the applications underlying interorganizational communications depend less on Web browsers and become more capable of standalone interchange. However, the widespread adoption of federated identity — in which users receive trusted access to more than their home network's resources without having to sign on to each new site separately — is reaching critical mass.

## JOINING THE ALLIANCE

Perhaps the best signal was IBM's October 2004 announcement that it was joining the Liberty Alliance Project ( www.projectliberty.org), a multinational alliance of more than 150 members developing an open standard for federated network identity. IBM's joining Liberty might not hold the same significance for identity-management technology that its support of Linux did for the open-source model. However, it is significant enough to compel vendors and users to contemplate how the various identity standards — from Liberty to the WS-Federation standard proposed by the Web Services Interoperability Organization ( www.ws-i.org) to OASIS languages ( www.oasis-open.org/home/index.php) — will roll out in coming months and years, and how vital each will be in network architecture.

Joe Anthony, director of integrated identity management for IBM Tivoli, says the marketplace has evolved in stages as organizations realized how complex internetwork authentication would be. Citing the three central technologies that emerged in the past three years — OASIS's Security Assertion Markup Language (SAML), Liberty, and the Web Services stack — Anthony says IBM developers realized they couldn't ignore any of them.

"We would have customers working with any of those three, and the challenge was, any of their partners could be working with any of those three as well. To [ensure that] we could bring a full-fledged offering to the table, we had to go ahead and support Liberty."