IBM Gets Behind Federated-Identity Standard

Until now, IBM has shunned membership in the group founded by Sun Microsystems Inc., working instead with Microsoft Corp., BEA Systems Inc., and others on specifications for a broader Web-services stack that included federated identity. Specifications in that stack that have at least some overlap with Liberty's work included WS-Federation, WS-Security, and WS-Interoperability.

IBM, however, has decided to join Liberty as a board member because of customer demand for the technology, company officials said. An indication of this support occurred earlier this year, when IBM added support for Liberty specs in Tivoli Access Manager security software.

"Customers are looking for identity-management software that is flexible, supporting both WS-* and Liberty," Karla Norsworthy, vice president of software standards at IBM, said in a statement. "To that end, IBM plans to support a broad range of federated-identity specifications across its Tivoli identity management product line."

Norsworthy said IBM remained committed to the WS stack of technologies, but added that "long term, IBM believes the best solution for customers would be a convergence of various federated-identity standards."

id
unit-1659132512259
type
Sponsored post

"IBM has joined the Liberty Alliance to help continue as a liaison between our customers and the industry in this effort," she said.

In July, the Armonk, N.Y., computing giant signed a deal to build a single sign-on network for the French unit of Orange PCS Ltd. Orange is the mobile service provider for France Telecom, which uses Liberty-based technology to provide network services to customers.

"It definitely seems like the momentum for federated-identity management is shifting to Liberty Alliance," Ronald Schmelzer, analyst for market researcher ZapThink LLC, said. "Outside of Microsoft and a few other companies, the parts of the WS-stack that apply federated identity haven't seen as much traction."

Norsworthy will act as a liaison between the company and the alliance, until IBM installs a technical member on the board. The company plans to continue its other work on Web-services standards and to coax the industry toward a single technology for federated identity.

Single sign-on for Web services is important because it would enable a customer, for example, to access services of a company and its partners through one user ID and password. Based on customer permission, the identity and authentication data is shared among multiple systems.

If IBM and others are successful in pushing toward one federated-identity standard, than customers will benefit, Schmelzer said. "This is good for the industry as a whole, which sorely needs convergence on security specifications."

Microsoft also has an authentication service called Passport. That system, however, has failed to attract much interest in the industry, beyond Microsoft and its close partners.

"Microsoft Passport is getting a serious drubbing in the market, and now with IBM's support of Liberty Alliance, motivated by a large customer, odds are looking good that Microsoft will have to join the Liberty Alliance sooner rather than later," Schmelzer said.