Liberty Alliance Poised for Single Sign-On
By Michael Chait The Sun-backed alliance will annouce specifications for identity management.
Microsoft and Sun, who have been battling it out in the Web services arena, are both moving forward in the race to provide a secure single sign-on system for Web services.
Monday, The Liberty Alliance, a Sun-backed group, plans to unveil its long-awaited technical specifications for online "identity management" systems.
Identity management tools are the foundation upon which companies can build services that allow consumers to move easily among Web sites without having to repeatedly identify themselves with a new password. This concept plays a significant role in the Web services (define) arena envisioned by both Sun and Microsoft, as it enables private information to be securely transmitted to numerous entities without the halting delays of redundant entry.
Michele Rosen, a program manager from IDC, however, warns that single sign-on systems may not prove useful in the Web services arena for many years to come.
"A lot of attention is being paid to [Microsoft's] Passport and Liberty Alliance with regards to Web services, and I think that their impact is much further off than some of the other issues surrounding Web Services," says IDC's Rosen. "Liberty Alliance and Passport are both primarily targeted at consumers and it will be awhile before there will be significant web services use by consumers. Right now we see (Web services) as an internal business integration technology."
The Liberty Alliance, however, is pushing forward with its vision for an open-system single sign-on, which officials describe as a federated-view solution. Through the specifications to be announced Monday, the Alliance plans to have personal information controlled completely by the user, yet able to be securely shared with the organizations of the users choosing, thus preventing any one, centralized entity from garnering personal or proprietary information, and erecting toll booths or impediments to interoperability or service delivery.
Although Microsoft has currently not joined the Alliance, according to a report by the Wall Street Journal, services built on Liberty's technology could ultimately work with Microsoft's Passport single sign-on service, and Liberty continues to talk to the Redmond, Wash.-giant about joining the group.
Microsoft, along with IBM and Verisign , submitted its own set of security specs for Web Services, known as WS-Security, to the OASIS standards body last month. Sun, who initially had shown little interest in the standards, actually threw in its support at the last minute.
Bob Sutor, director of e-business standards strategy at IBM, sees that as a good sign.
"We're actually very pleased that Sun joined in with (Microsoft) on WS-Security," said Sutor. "I personally see that as a good sign that we're redirecting a lot of the security work back into a standards organization."
The IBM exec, in fact, hopes that the current efforts of the Liberty Alliance will be consolidated into the security program at OASIS.
"(Joining OASIS) would allow lots of people beyond the Liberty folks to contribute and it would really be a place to funnel a lot of similar efforts into a single effort," he said.
While much of the WS-security specs were not specifically targeted at the consumer-end of Web services, Microsoft is also moving forward with its own single sign-in expansion. On Tuesday, the firm announced a deal with Arcot Systems that will enable its Passport service to make it easier for customers to purchase items online with credit cards from Visa and MasterCard.
Both credit-card companies are also members of the Liberty Alliance.
Despite Microsoft's 14 million-user headstart over the Alliance, the next few years will reveal whether the Alliance's open-system can attract enough users to catch up.