IBM Monday released it first server designed to let corporations integrate their user identities and access control platforms with partners outside of their organizations.
IBM's Tivoli Federated Identity Manager is standards-based software that supports so-called identity federation, a nascent technology that promises to ease the task of using and managing identities as a means to secure the sharing of data and services between companies.
The technology lets users authenticate to their corporate network and then use that sign-on to gain access to services on a partner's network.
IBM's Tivoli Federated Identity Manager (TFIM) supports a number of standards and emerging standards for federation, including Security Assertion Markup Language, Liberty Alliance, WS-Federation, WS-Trust and WS-Security.
The server is a key integration technology for IBM's WebSphere middleware platform, helping link portals and application servers. And IBM says the technology is key for companies integrating internally between divisions and business units, especially those added through mergers and acquisitions.
IBM joins a handful of companies that offer federation servers, including HP, RSA Security, Sun, Oracle, Ping Identity and Trustgenix. Microsoft just last week released the first public beta of its federation technology.
"Our model is we want to provide a security service," says Venkat Raghavan, manager of security products for IBM's software group. "The service needs to flexible enough and intelligent enough so our customers can use any type of mechanism to connect in."
Raghavan says TFIM caters to two sets of users, those using browser-based single sign-on to Web-based applications supported by SAML, Liberty or WS-Federation and those using a security token service, a sort of middleware that allows the exchange of tokens regardless of format. With TFIM, IBM supports user name and SAML tokens.
"We are supporting that with WS-Security and WS-Trust," Raghavan says.
While WS-Security is an approved standard, WS-Trust, along with WS-Federation, are protocols developed by IBM and Microsoft that they have yet to turn over to a standards body.
TFIM is priced per user and starts at US$69. IBM also plans to offer per-processor pricing.