How it works

Today, the Sabre environment is a mix of applications running on the mainframe, Linux and Unix systems. Most of the heavy lifting for flight, car and hotel reservation services, such as those provided by Travelocity, has been moved off of the mainframe. Functions associated with the passenger name-record profile, such as booking and ticketing, remain on the mainframe, along with flight operations data.

Some 70,000 businesses or services use those applications, which means certain employees have to be authorized and authenticated. Some may only be authorized to use the applications, others to update content such as schedules, fares and availability.

To handle the mix, Sabre maintains two distinct directories to provide a coarse-grain/fine-grain authorization scheme. The "coarse" profile data is kept primarily in the Sun Java Directory Server, which is used to provide the initial authentication and authorization -- letting users in the front door, essentially. Profile data stored in an Oracle database is used to make more fine-grain decisions about whether users can access specific rows or columns of data, or update specific data within an application.

The Oracle database is considered the master database of record. It contains data on some 1,000 domains, 200,000 "branches" or groups, and details what each is allowed to do. Storing such data in a database as opposed to a directory makes it easier to data model and replicate, which is important from both a disaster recovery and federation perspective.

A federated future

Federation, in fact, is the next big challenge Sabre is meeting. It has been using federated Web SSO with many customers for some time, but typically on a one-by-one basis. Some use SiteMinder's own implementation of Web SSO, others use standards including the Security Assertion Markup Language (SAML), an XML-based standard for exchanging identity data, and others use Microsoft's Web Services Enhancements (WSE).

But it's been slow-going on the standards front until recently. "A lot of vendors weren't talking the same version of SAML or WSE a couple of years ago," Holland says, noting the standards leave room for implementation flexibility.

Sabre is now trying to migrate its various one-off implementations to true SAML-based connections, knocking them off as customer requirements dictate. "It just takes time. It's a big world out there with all the different identity providers and access management systems," he says.

But the technical problems are only the start. "A lot of this comes down to contractual, business language issues around who owns the identity, whether you trust them, what kind of audit trail will be available in the event you need to resolve or review a business transaction," Holland says. "Overall, the ability to establish trust and reconcile transactions is what has held up adoption of this [federation] process globally."