Tuesday, February 26, 2008
openLiberty.org releases beta code
Some exciting news for those following the open source developments of openLiberty.org. Check out Asa's post here and watch for more developments in 2Q
Friday, February 22, 2008
Liberty Alliance Launches Public Special Interest Group to Enable an Internationally Interoperable Healthcare Identity Management and Information Exch
Global Interoperability and Patient Privacy Focus of New Liberty Alliance Health Identity Management Group
Orlando, Florida - Feb 22, 2008 – Liberty Alliance, the global identity consortium working to build a more trusted internet for consumers, governments and businesses worldwide, today announced the launch of a global public forum formed to develop an interoperable, secure and privacy-respecting information exchange system for the healthcare sector. The Liberty Alliance Health Identity Management Special Interest Group (HIM SIG) is leveraging the Liberty Alliance model of addressing the technology, business and privacy aspects of digital identity management to meet the unique identity management and regulatory challenges facing the international healthcare industry today.
Co-chaired by John Fraser, CEO, MEDNET USA and Pete Palmer, Security and Cryptography Architect, Wells Fargo, the group currently includes over 30 members from around the world representing the education, government, healthcare and technology sectors. Members are working to address how the healthcare industry will deliver secure identity management solutions that meet global regulatory mandates and ensure patient privacy. The public group is working closely with the Liberty Identity Assurance Expert Group to ensure requirements for standardized and certified identity assurance levels in the healthcare sector meet criteria established in the policy-based Liberty Identity Assurance Framework.
“Liberty’s proven interoperable technologies and standardized policy frameworks make it easier for healthcare organizations to protect sensitive data, meet compliance mandates and put patients in better control of their identity information, ” said Fraser. “The Health Identity Management group is a significant opportunity for individuals and organizations to come together and participate in the development of an interoperable, secure and privacy-respecting international healthcare exchange system.”
About the HIM SIGThe public HIM SIG expands the work of the Liberty Alliance eHealth SIG and is designed to foster collaboration among Regional Health Information Organizations (RHIOs), Health Information Exchanges (HIEs) and all organizations interested in driving an internationally interoperable healthcare identity management and information exchange system. The HIM SIG is working with healthcare organizations worldwide and leveraging the work of Liberty’s four global Expert Groups and numerous Special Interest Groups to ensure broad industry participation. Information about Liberty’s membership structure and Expert and Special Interest Groups is available at http://www.projectliberty.org/liberty/about/structure Information about the HIM SIG is available at http://wiki.projectliberty.org/index.php/Health_Identity_Management_SIG
Orlando, Florida - Feb 22, 2008 – Liberty Alliance, the global identity consortium working to build a more trusted internet for consumers, governments and businesses worldwide, today announced the launch of a global public forum formed to develop an interoperable, secure and privacy-respecting information exchange system for the healthcare sector. The Liberty Alliance Health Identity Management Special Interest Group (HIM SIG) is leveraging the Liberty Alliance model of addressing the technology, business and privacy aspects of digital identity management to meet the unique identity management and regulatory challenges facing the international healthcare industry today.
Co-chaired by John Fraser, CEO, MEDNET USA and Pete Palmer, Security and Cryptography Architect, Wells Fargo, the group currently includes over 30 members from around the world representing the education, government, healthcare and technology sectors. Members are working to address how the healthcare industry will deliver secure identity management solutions that meet global regulatory mandates and ensure patient privacy. The public group is working closely with the Liberty Identity Assurance Expert Group to ensure requirements for standardized and certified identity assurance levels in the healthcare sector meet criteria established in the policy-based Liberty Identity Assurance Framework.
“Liberty’s proven interoperable technologies and standardized policy frameworks make it easier for healthcare organizations to protect sensitive data, meet compliance mandates and put patients in better control of their identity information, ” said Fraser. “The Health Identity Management group is a significant opportunity for individuals and organizations to come together and participate in the development of an interoperable, secure and privacy-respecting international healthcare exchange system.”
About the HIM SIGThe public HIM SIG expands the work of the Liberty Alliance eHealth SIG and is designed to foster collaboration among Regional Health Information Organizations (RHIOs), Health Information Exchanges (HIEs) and all organizations interested in driving an internationally interoperable healthcare identity management and information exchange system. The HIM SIG is working with healthcare organizations worldwide and leveraging the work of Liberty’s four global Expert Groups and numerous Special Interest Groups to ensure broad industry participation. Information about Liberty’s membership structure and Expert and Special Interest Groups is available at http://www.projectliberty.org/liberty/about/structure Information about the HIM SIG is available at http://wiki.projectliberty.org/index.php/Health_Identity_Management_SIG
Wednesday, February 20, 2008
Overview of Liberty Alliance Governance and Policy Frameworks Focus of March 10 Santa Clara Identity Management Workshop
Public Workshop Details How to Implement Liberty Alliance Identity Specifications and Reviews Policy-Based Identity Assurance and Identity Governance Frameworks
Santa Clara, CA. Feb 20, 2008 – Liberty Alliance, the global identity consortium working to build a more trusted internet for consumers, governments and businesses worldwide, today released highlights of the agenda for its identity management implementation workshop taking place on March 10 from 9:30am - 5:30pm in Santa Clara, CA. The public event is for developers, system integrators and technical, business and policy teams interested in understanding how to implement Liberty’s open identity specifications and policy-based governance and privacy frameworks to build and deploy interoperable, secure and privacy-respecting identity systems.
The event features representatives from organizations deploying SAML 2.0 Liberty Federation and Liberty Web Services who will review deployment use cases and a step-by-step overview of how technology and policy issues have been addressed within the application. The workshop will include functionality overviews of Liberty’s open identity specifications, a session on the soon-to-be released open source code from openLiberty.org and updates on the policy-based Liberty Identity Governance Framework (IGF) and the Liberty Identity Assurance Framework (IAF). The event will showcase Liberty specifications used in a Software as a Service (SaaS) deployment and will include the industry’s first Data Portability and Identity face-to-face meeting.
“Organizations need to address technology, business and privacy issues if they are to more easily build and deploy successful digital identity management solutions,” said Brett McDowell, executive director, Liberty Alliance. “The March 10 workshop will provide participants with the technology and policy overviews they need to jump-start the process of building identity dependent applications that can interoperate with the growing number of Liberty deployments worldwide.”
About the March 10 Santa Clara Workshop
Located at the Sun Microsystems Santa Clara Campus, the workshop will overview the use cases for implementing Liberty standards and the gains that can be realized through implementation, providing a clear view on where to start, what to implement first, and what prerequisites need to be in place. The workshop will blend traditional presentations with interactive birds-of-a-feather (BOF) discussions, providing opportunities for participants to interact, network and understand the Liberty standards, governance and policy landscape. The agenda and registration is available at https://maa.projectliberty.org:443/ws/index.html
Santa Clara, CA. Feb 20, 2008 – Liberty Alliance, the global identity consortium working to build a more trusted internet for consumers, governments and businesses worldwide, today released highlights of the agenda for its identity management implementation workshop taking place on March 10 from 9:30am - 5:30pm in Santa Clara, CA. The public event is for developers, system integrators and technical, business and policy teams interested in understanding how to implement Liberty’s open identity specifications and policy-based governance and privacy frameworks to build and deploy interoperable, secure and privacy-respecting identity systems.
The event features representatives from organizations deploying SAML 2.0 Liberty Federation and Liberty Web Services who will review deployment use cases and a step-by-step overview of how technology and policy issues have been addressed within the application. The workshop will include functionality overviews of Liberty’s open identity specifications, a session on the soon-to-be released open source code from openLiberty.org and updates on the policy-based Liberty Identity Governance Framework (IGF) and the Liberty Identity Assurance Framework (IAF). The event will showcase Liberty specifications used in a Software as a Service (SaaS) deployment and will include the industry’s first Data Portability and Identity face-to-face meeting.
“Organizations need to address technology, business and privacy issues if they are to more easily build and deploy successful digital identity management solutions,” said Brett McDowell, executive director, Liberty Alliance. “The March 10 workshop will provide participants with the technology and policy overviews they need to jump-start the process of building identity dependent applications that can interoperate with the growing number of Liberty deployments worldwide.”
About the March 10 Santa Clara Workshop
Located at the Sun Microsystems Santa Clara Campus, the workshop will overview the use cases for implementing Liberty standards and the gains that can be realized through implementation, providing a clear view on where to start, what to implement first, and what prerequisites need to be in place. The workshop will blend traditional presentations with interactive birds-of-a-feather (BOF) discussions, providing opportunities for participants to interact, network and understand the Liberty standards, governance and policy landscape. The agenda and registration is available at https://maa.projectliberty.org:443/ws/index.html
Tuesday, February 19, 2008
Liberty Alliance in Santa Clara on March 10
Liberty Alliance, the global identity consortium, will hold a digital identity management implementation workshop in Santa Clara, CA on March 10. This public event is for developers, system integrators and technical, business and policy teams interested in understanding how to implement Liberty’s open identity specifications and policy-based governance and privacy frameworks to build and deploy secure and privacy-respecting identity systems. There is no charge to attend the workshop.
Registration and more information is available at https://maa.projectliberty.org:443/ws/index.html
Registration and more information is available at https://maa.projectliberty.org:443/ws/index.html
Boeing Identity Federation Case Study Added to Liberty Alliance Web Site
Liberty Alliance has updated its growing list of SAML 2.0 Liberty Federation and Liberty Web Services case studies with a new case study about Boeing’s identity federation. Boeing joins the 23 other organizations featured in Liberty Alliance case studies. It’s a good read about the benefits of federation and another good opportunity to point to the Liberty-based deployments worldwide.
Wednesday, February 13, 2008
Liberty Alliance Schedules Four Public Interactive Webcasts to Review and Finalize Identity Assurance Framework Criteria
Consortium Releases Updated Version of the IAF as Organizations Worldwide Participate in Review and Development Process
Liberty Alliance – February 13, 2008 -- Liberty Alliance, the global identity consortium working to build a more trusted internet for consumers, governments and businesses worldwide, today released the latest version of the Liberty Identity Assurance Framework (IAF). Liberty Alliance is also announcing four public webcasts, each designed to review and gather industry input into primary sections of the IAF as the Framework moves to final during 2Q of this year. The latest version of the IAF is based on recent input from over 40 representatives from the global financial services, government, telecom, healthcare, system integrator and technology sectors and is available for additional review and comment at http://www.projectliberty.org/liberty/files/whitepapers/liberty_identity_assurance_framework_v1_0
The IAF is a policy-based organizational framework being developed collaboratively within the Liberty Alliance Identity Assurance Expert Group and corresponding public special interest group to advance trusted identity federations based on standardized and certified identity assurance levels. Each with a different moderator, the public webcasts will begin on February 20 when Common Organization Service Assessment Criteria will be reviewed, followed by Credential Management Service Assessment Criteria on March 5, Identity Proofing Service Assessment Criteria on March 12 and Certification/Accreditation Business Rules on March 26. All of the webcasts begin at 8:00am US PT.
“With the launch of the interactive webcast series, the global identity community has a significant opportunity to help drive the next phase of IAF development,” said Brett McDowell, executive director, Liberty Alliance. “Liberty Alliance encourages federation operators and all organizations planning to build or expand identity federations to attend the webcast events.”
About the IAF and IAF Webcast Series
Based on the Electronic Authentication Partnership Trust Framework derived from the NIST Special Publication 800-63 and now enhanced and updated by the Liberty’s IAEG, the IAF fills cross-industry requirements for baseline identity assurance policy standards for all public and private sector federations. The IAF defines four identity assurance levels based on a comprehensive set of process and policy criteria required to meet each level of assurance and goes on to define the standard assessment criteria, accreditation and certification rules for federating organizations to meet each of the four levels of assurance. Liberty Alliance expects to launch an identity assurance accreditation and certification program based on IAF criteria during mid-2008. Background and registration information for the four public IAF webcasts is available at http://www.projectliberty.org/liberty/news_events/webcasts
###
Liberty Alliance – February 13, 2008 -- Liberty Alliance, the global identity consortium working to build a more trusted internet for consumers, governments and businesses worldwide, today released the latest version of the Liberty Identity Assurance Framework (IAF). Liberty Alliance is also announcing four public webcasts, each designed to review and gather industry input into primary sections of the IAF as the Framework moves to final during 2Q of this year. The latest version of the IAF is based on recent input from over 40 representatives from the global financial services, government, telecom, healthcare, system integrator and technology sectors and is available for additional review and comment at http://www.projectliberty.org/liberty/files/whitepapers/liberty_identity_assurance_framework_v1_0
The IAF is a policy-based organizational framework being developed collaboratively within the Liberty Alliance Identity Assurance Expert Group and corresponding public special interest group to advance trusted identity federations based on standardized and certified identity assurance levels. Each with a different moderator, the public webcasts will begin on February 20 when Common Organization Service Assessment Criteria will be reviewed, followed by Credential Management Service Assessment Criteria on March 5, Identity Proofing Service Assessment Criteria on March 12 and Certification/Accreditation Business Rules on March 26. All of the webcasts begin at 8:00am US PT.
“With the launch of the interactive webcast series, the global identity community has a significant opportunity to help drive the next phase of IAF development,” said Brett McDowell, executive director, Liberty Alliance. “Liberty Alliance encourages federation operators and all organizations planning to build or expand identity federations to attend the webcast events.”
About the IAF and IAF Webcast Series
Based on the Electronic Authentication Partnership Trust Framework derived from the NIST Special Publication 800-63 and now enhanced and updated by the Liberty’s IAEG, the IAF fills cross-industry requirements for baseline identity assurance policy standards for all public and private sector federations. The IAF defines four identity assurance levels based on a comprehensive set of process and policy criteria required to meet each level of assurance and goes on to define the standard assessment criteria, accreditation and certification rules for federating organizations to meet each of the four levels of assurance. Liberty Alliance expects to launch an identity assurance accreditation and certification program based on IAF criteria during mid-2008. Background and registration information for the four public IAF webcasts is available at http://www.projectliberty.org/liberty/news_events/webcasts
###
Monday, February 11, 2008
Upcoming.org – Liberty Alliance March 10 Santa Clara Identity Management Implementation Workshop
"Liberty Alliance", the global identity consortium, will hold a digital identity management implementation workshop in Santa Clara, CA on March 10. This public event is for developers, system integrators and technical, business and policy teams interested in understanding how to implement Liberty’s open identity specifications and policy-based governance and privacy frameworks to build and deploy secure and privacy-respecting identity systems. There is no charge to attend the workshop.
The event features representatives from organizations deploying SAML 2.0 Liberty Federation and Liberty Web Services who will review deployment use cases and a step-by-step overview of how technology and policy issues have been addressed within the application. The workshop will include functionality overviews of Liberty’s open identity specifications, a session on the soon-to-be released open source code from openLiberty.org and updates on the policy-based Liberty Identity Governance Framework (IGF) and the Liberty Identity Assurance Framework (IAF). The event will showcase Liberty specifications used in a Software as a Service (SaaS) deployment and will include the industry’s first Data Portability and Identity face-to-face meeting. Registration and more information is available at https://maa.projectliberty.org/ws/index.html
The event features representatives from organizations deploying SAML 2.0 Liberty Federation and Liberty Web Services who will review deployment use cases and a step-by-step overview of how technology and policy issues have been addressed within the application. The workshop will include functionality overviews of Liberty’s open identity specifications, a session on the soon-to-be released open source code from openLiberty.org and updates on the policy-based Liberty Identity Governance Framework (IGF) and the Liberty Identity Assurance Framework (IAF). The event will showcase Liberty specifications used in a Software as a Service (SaaS) deployment and will include the industry’s first Data Portability and Identity face-to-face meeting. Registration and more information is available at https://maa.projectliberty.org/ws/index.html
Thursday, February 7, 2008
Liberty Alliance Announces March 10 Santa Clara Identity Management Implementation Workshop
Liberty Alliance Announces March 10 Santa Clara Identity Management Implementation Workshop
Understanding and Implementing Liberty Alliance Specifications and Policy-Based Identity Assurance and Governance Frameworks Focus of Public Event
Santa Clara, CA. Feb 4, 2008 – Liberty Alliance, the global identity consortium working to build a more trusted internet for consumers, governments and businesses worldwide, today announced a digital identity management implementation workshop taking place on March 10 from 9:30am - 5:30pm in Santa Clara, CA. This public event is for developers, system integrators and technical, business and policy teams interested in understanding how to implement Liberty’s open identity specifications and policy-based governance and privacy frameworks to build and deploy secure and privacy-respecting identity systems.
The event features representatives from organizations deploying SAML 2.0 Liberty Federation and Liberty Web Services who will review deployment use cases and a step-by-step overview of how technology and policy issues have been addressed within the application. The workshop will include functionality overviews of Liberty’s open identity specifications, a session on the soon-to-be released open source code from openLiberty.org and updates on the policy-based Liberty Identity Governance Framework (IGF) and the Liberty Identity Assurance Framework (IAF). The event will showcase Liberty specifications used in a Software as a Service (SaaS) deployment and will include the industry’s first Data Portability and Identity face-to-face meeting.
“Organizations need to address technology, business and privacy issues if they are to more easily build and deploy successful digital identity management solutions,” said Brett McDowell, executive director, Liberty Alliance. “The March 10 workshop will provide participants with the technology and policy overviews they need to jump-start the process of building identity dependent applications that can interoperate with the growing number of Liberty deployments worldwide.”
About the March 10 Liberty Alliance Santa Clara Workshop
Located at the Sun Microsystems Santa Clara Campus, the Liberty Alliance Workshop - Understanding Liberty’s Identity Technology Standards: Built for Today, Paving the Way to Tomorrow will discuss the use cases for implementing Liberty standards and the gains that can be realized through implementation, providing a clear view on where to start, what to implement first, and what prerequisites need to be in place. The workshop will blend traditional presentations with interactive birds-of-a-feather (BOF) discussions, providing opportunities for participants to interact, network and understand the Liberty standards, governance and policy landscape. The agenda and registration is available at https://maa.projectliberty.org/ws/index.html
Understanding and Implementing Liberty Alliance Specifications and Policy-Based Identity Assurance and Governance Frameworks Focus of Public Event
Santa Clara, CA. Feb 4, 2008 – Liberty Alliance, the global identity consortium working to build a more trusted internet for consumers, governments and businesses worldwide, today announced a digital identity management implementation workshop taking place on March 10 from 9:30am - 5:30pm in Santa Clara, CA. This public event is for developers, system integrators and technical, business and policy teams interested in understanding how to implement Liberty’s open identity specifications and policy-based governance and privacy frameworks to build and deploy secure and privacy-respecting identity systems.
The event features representatives from organizations deploying SAML 2.0 Liberty Federation and Liberty Web Services who will review deployment use cases and a step-by-step overview of how technology and policy issues have been addressed within the application. The workshop will include functionality overviews of Liberty’s open identity specifications, a session on the soon-to-be released open source code from openLiberty.org and updates on the policy-based Liberty Identity Governance Framework (IGF) and the Liberty Identity Assurance Framework (IAF). The event will showcase Liberty specifications used in a Software as a Service (SaaS) deployment and will include the industry’s first Data Portability and Identity face-to-face meeting.
“Organizations need to address technology, business and privacy issues if they are to more easily build and deploy successful digital identity management solutions,” said Brett McDowell, executive director, Liberty Alliance. “The March 10 workshop will provide participants with the technology and policy overviews they need to jump-start the process of building identity dependent applications that can interoperate with the growing number of Liberty deployments worldwide.”
About the March 10 Liberty Alliance Santa Clara Workshop
Located at the Sun Microsystems Santa Clara Campus, the Liberty Alliance Workshop - Understanding Liberty’s Identity Technology Standards: Built for Today, Paving the Way to Tomorrow will discuss the use cases for implementing Liberty standards and the gains that can be realized through implementation, providing a clear view on where to start, what to implement first, and what prerequisites need to be in place. The workshop will blend traditional presentations with interactive birds-of-a-feather (BOF) discussions, providing opportunities for participants to interact, network and understand the Liberty standards, governance and policy landscape. The agenda and registration is available at https://maa.projectliberty.org/ws/index.html
Google, NTT and the US GSA Deploy SAML 2.0 for Digital Identity Management
Google, NTT and the US GSA Deploy SAML 2.0 for Digital Identity Management
Organizations Worldwide Leverage SAML 2.0 Liberty Federation to Enable New Business Services, Help Meet Regulatory Requirements and Provide Users with Better Protection Against Online Fraud and Identity Theft
Liberty Alliance – January 29, 2008 – Liberty Alliance, the global identity consortium working to build a more trusted internet for consumers, governments and businesses worldwide, today released highlights of SAML 2.0-based digital identity management applications that are delivering real world value to users and organizations around the globe. These applications are among the many public and private sector deployments helping to drive a more secure and privacy-respecting internet identity layer across applications, sectors and regions based on SAML 2.0 standards.
“Virtually all federation efforts and almost all federation product vendors have built-in SAML 2.0 support,” said Gregg Kreizman, research director, Gartner. “Governments and enterprises planning new identity federations should base their implementations on the SAML 2.0 standards.”
Standard in Use in the Global Government and Public Sectors
With government organizations in The Americas, Asia, Australia and Europe building and deploying SAML 2.0-based identity applications, SAML 2.0 has become the standard of choice in the global eGovernment and public sectors. These governments are relying on SAML 2.0 to deliver a wide variety of new online services to citizens, help meet compliance mandates and to provide business and trading partners with a secure and trusted platform for conducting identity related transactions. A digital map and description of global eGovernment deployments based on SAML 2.0 Liberty Federation is available at http://projectliberty.org/liberty/adoption/egovernment/egov_world_map
“The beauty of the proven interoperable SAML 2.0 standard is that it has been developed with input from deployers and vendors of digital identity management solutions to support a broad range of online identity related transactions,” said Roger Sullivan, president of the Liberty Alliance Management Board and vice president of Oracle Identity Management. “From authenticating at social networking sites to enterprise, financial and government transactions requiring the highest degree of security and privacy protection, SAML.2.0 is providing the foundation for organizations in every sector to build and deploy successful digital identity management solutions.”
Cross-Industry Demand for Secure and Privacy-Respecting Digital Identity Solutions
The applications highlighted today are only a small sample of the hundreds of B2B and consumer-facing SAML 2.0–based deployments and proof-of-concept applications in the global identity market. These applications span vertical segments where users and deploying organizations demand the highest levels of security and privacy protection and proven interoperability is critical to managing wide scale digital identity management solutions. Liberty Alliance maintains a list of deploying organizations at http://www.projectliberty.org/liberty/adoption with highlights from the applications announced today including:
Google – Using SAML 2.0 allows Google's customers to treat web-based authentication to Google Apps™ the same way they treat authentication to their other services. "We're extremely happy with the number of products that natively support SAML, as well as the number of people available to help our customers use it," said Gabe Cohen, product manager, Google Enterprise. "We chose to support SAML because it provides immense flexibility as a robust standard and the security that our customers demand. Ultimately, we want our customers to make their own decisions about their security and authentication policies, and SAML makes it easy." For more information on Google Apps, visit www.google.com/a.
NTT - NTT has developed SASSO, a personal Identity Provider that enables users to single-sign-on to a PC and leverage the strong authentication capabilities of the mobile phone to conduct a wide range of secure identity-based transactions. SASSO uses the increasingly ubiquitous mobile phone as an Identity Provider (IdP) to allow users to access a Service Provider (SP). Once authenticated by their own mobile phone, the IdP on the mobile phone issues a SAML assertion signed by a private key and sends that assertion to SPs. The application drives strong authentication into online transactions and leverages the convenience and privacy capabilities of the mobile phone to allow users to better control their own identity information. A Liberty Alliance SASSO case study is available at http://projectliberty.org/resource_center/case_studies/ntt_sasso
“Our technology employs mobile phones and SAML 2.0 to strike the tough balance between security and privacy concerns on the one hand, and usability on the other—two necessities in the modern world,” said Dr. Kenji Takahashi, senior research engineer and supervisor, NTT Information Sharing Platform
Laboratories.
The US GSA E-Authentication Solution - Originally launched in 2002 as part of the President's Management Agenda, E-Authentication Solutions assists federal agencies in mitigating the security and privacy risks associated with e-government and helps control government costs associated with authenticating large numbers of end users. In October 2007, the US General Services Administration (GSA) announced that passing Liberty Alliance SAML 2.0 interoperability testing is a prerequisite for participating in the US E-Authentication Identity Federation. The decision by E-Authentication Solutions to have vendors pass Liberty Alliance SAML 2.0 testing recognizes the important role proven interoperability plays in advancing identity federations. More information about the E-Authentication Solution is available at http://www.cio.gov/eauthentication/
“E-Authentication Solutions wants federal agencies to be able to select the software that meets their unique business requirements while also delivering assurances that it will interoperate with other applications used within the Federation,” said Myisha Frazier-McElveen, Acting Program Executive, E-Authentication Solutions. “The US GSA is requiring vendors to pass Liberty Alliance SAML 2.0 interoperability testing to help ensure identity products can interoperate from day one and provide long-term business value to US Government Agencies.”
Source: Gartner, Inc. “The U.S. Government’s Adoption of SAML 2.0 Shows Wide Acceptance”, by Gregg Kreizman, John Pescatore and Ray Wagner, October 29, 2007
About Liberty Alliance
"Liberty Alliance" is the only global identity organization with a membership base that includes technology vendors, consumer service providers and educational and government organizations working together to build a more trusted internet by addressing the technology, business and privacy aspects of digital identity management. The Liberty Alliance Management Board consists of representatives from AOL, BT, France Telecom, HP, Intel, Novell, NTT, Oracle and Sun Microsystems. Liberty Alliance works with identity organizations worldwide to ensure all voices are included in the global identity discussion and regularly holds and participates in public events designed to advance the harmonization and interoperability of CardSpace, Liberty Federation (SAML 2.0), Liberty Web Services, OpenID and WS-* specifications. More information about Liberty Alliance as well as information about how to join many of its public groups and mail lists is available at http://www.projectliberty.org/
###
Google and Google Apps are trademarks of Google Inc.
Organizations Worldwide Leverage SAML 2.0 Liberty Federation to Enable New Business Services, Help Meet Regulatory Requirements and Provide Users with Better Protection Against Online Fraud and Identity Theft
Liberty Alliance – January 29, 2008 – Liberty Alliance, the global identity consortium working to build a more trusted internet for consumers, governments and businesses worldwide, today released highlights of SAML 2.0-based digital identity management applications that are delivering real world value to users and organizations around the globe. These applications are among the many public and private sector deployments helping to drive a more secure and privacy-respecting internet identity layer across applications, sectors and regions based on SAML 2.0 standards.
“Virtually all federation efforts and almost all federation product vendors have built-in SAML 2.0 support,” said Gregg Kreizman, research director, Gartner. “Governments and enterprises planning new identity federations should base their implementations on the SAML 2.0 standards.”
Standard in Use in the Global Government and Public Sectors
With government organizations in The Americas, Asia, Australia and Europe building and deploying SAML 2.0-based identity applications, SAML 2.0 has become the standard of choice in the global eGovernment and public sectors. These governments are relying on SAML 2.0 to deliver a wide variety of new online services to citizens, help meet compliance mandates and to provide business and trading partners with a secure and trusted platform for conducting identity related transactions. A digital map and description of global eGovernment deployments based on SAML 2.0 Liberty Federation is available at http://projectliberty.org/liberty/adoption/egovernment/egov_world_map
“The beauty of the proven interoperable SAML 2.0 standard is that it has been developed with input from deployers and vendors of digital identity management solutions to support a broad range of online identity related transactions,” said Roger Sullivan, president of the Liberty Alliance Management Board and vice president of Oracle Identity Management. “From authenticating at social networking sites to enterprise, financial and government transactions requiring the highest degree of security and privacy protection, SAML.2.0 is providing the foundation for organizations in every sector to build and deploy successful digital identity management solutions.”
Cross-Industry Demand for Secure and Privacy-Respecting Digital Identity Solutions
The applications highlighted today are only a small sample of the hundreds of B2B and consumer-facing SAML 2.0–based deployments and proof-of-concept applications in the global identity market. These applications span vertical segments where users and deploying organizations demand the highest levels of security and privacy protection and proven interoperability is critical to managing wide scale digital identity management solutions. Liberty Alliance maintains a list of deploying organizations at http://www.projectliberty.org/liberty/adoption with highlights from the applications announced today including:
Google – Using SAML 2.0 allows Google's customers to treat web-based authentication to Google Apps™ the same way they treat authentication to their other services. "We're extremely happy with the number of products that natively support SAML, as well as the number of people available to help our customers use it," said Gabe Cohen, product manager, Google Enterprise. "We chose to support SAML because it provides immense flexibility as a robust standard and the security that our customers demand. Ultimately, we want our customers to make their own decisions about their security and authentication policies, and SAML makes it easy." For more information on Google Apps, visit www.google.com/a.
NTT - NTT has developed SASSO, a personal Identity Provider that enables users to single-sign-on to a PC and leverage the strong authentication capabilities of the mobile phone to conduct a wide range of secure identity-based transactions. SASSO uses the increasingly ubiquitous mobile phone as an Identity Provider (IdP) to allow users to access a Service Provider (SP). Once authenticated by their own mobile phone, the IdP on the mobile phone issues a SAML assertion signed by a private key and sends that assertion to SPs. The application drives strong authentication into online transactions and leverages the convenience and privacy capabilities of the mobile phone to allow users to better control their own identity information. A Liberty Alliance SASSO case study is available at http://projectliberty.org/resource_center/case_studies/ntt_sasso
“Our technology employs mobile phones and SAML 2.0 to strike the tough balance between security and privacy concerns on the one hand, and usability on the other—two necessities in the modern world,” said Dr. Kenji Takahashi, senior research engineer and supervisor, NTT Information Sharing Platform
Laboratories.
The US GSA E-Authentication Solution - Originally launched in 2002 as part of the President's Management Agenda, E-Authentication Solutions assists federal agencies in mitigating the security and privacy risks associated with e-government and helps control government costs associated with authenticating large numbers of end users. In October 2007, the US General Services Administration (GSA) announced that passing Liberty Alliance SAML 2.0 interoperability testing is a prerequisite for participating in the US E-Authentication Identity Federation. The decision by E-Authentication Solutions to have vendors pass Liberty Alliance SAML 2.0 testing recognizes the important role proven interoperability plays in advancing identity federations. More information about the E-Authentication Solution is available at http://www.cio.gov/eauthentication/
“E-Authentication Solutions wants federal agencies to be able to select the software that meets their unique business requirements while also delivering assurances that it will interoperate with other applications used within the Federation,” said Myisha Frazier-McElveen, Acting Program Executive, E-Authentication Solutions. “The US GSA is requiring vendors to pass Liberty Alliance SAML 2.0 interoperability testing to help ensure identity products can interoperate from day one and provide long-term business value to US Government Agencies.”
Source: Gartner, Inc. “The U.S. Government’s Adoption of SAML 2.0 Shows Wide Acceptance”, by Gregg Kreizman, John Pescatore and Ray Wagner, October 29, 2007
About Liberty Alliance
"Liberty Alliance" is the only global identity organization with a membership base that includes technology vendors, consumer service providers and educational and government organizations working together to build a more trusted internet by addressing the technology, business and privacy aspects of digital identity management. The Liberty Alliance Management Board consists of representatives from AOL, BT, France Telecom, HP, Intel, Novell, NTT, Oracle and Sun Microsystems. Liberty Alliance works with identity organizations worldwide to ensure all voices are included in the global identity discussion and regularly holds and participates in public events designed to advance the harmonization and interoperability of CardSpace, Liberty Federation (SAML 2.0), Liberty Web Services, OpenID and WS-* specifications. More information about Liberty Alliance as well as information about how to join many of its public groups and mail lists is available at http://www.projectliberty.org/
###
Google and Google Apps are trademarks of Google Inc.
Subscribe to:
Posts (Atom)