Sun details identity management strategy

Striking back at Microsoft's directory and authentication services with a hardware and software combination, Sun Microsystems on Tuesday detailed the Sun ONE (Open Net Environment) Platform for Network Identity.

The Sun ONE Platform for Network Identity is comprised of software, hardware, and services for managing the identity of users on the Internet or in a corporate network, laying the groundwork for its adoption of technology being developed by the Liberty Alliance Project.

The system can be used to manage the identity of users on a network and to set access privileges for applications, services, and other resources, said Jonathan Schwartz, Sun's chief strategy officer.

With a single sign-on, employees at an organization using the software could be authenticated and authorized to access certain services. For instance, Sun is using the system internally to manage access to its employee Web portal, retirement accounts, and voicemail as well as managing what buildings an employee is allowed to enter on Sun's campuses.

"For the most part, historically those were disparate systems," Schwartz said. "That was a nightmare for the CIO, who had to maintain all those different identity systems."

In addition to corporations, Sun plans to offer the Sun ONE Platform for Network Identity to telecommunication service providers as a system for managing the identities of subscribers.

The first version of the suite of products will be available Tuesday, the company said. Future versions will incorporate authentication technology being developed by the Liberty Alliance Project. That effort is supported by a number of technology, banking, and services companies and is intended to let users visit various password-protected Web sites that support the technology without having to sign on each time.

With its network identity platform, Sun is looking to make it easy for enterprises to provide authentication services, according to Mark Herring, director of corporate strategy and planning at Sun, in Santa Clara, Calif.

"What we're trying to solve here is for those customers that are maybe not as sophisticated and just want a solution for network identity, they can roll this in and have a complete solution," Herring said.

Sun and the Liberty Alliance have thus far been subject to criticism from competitors on the basis that they were lacking technology.

The Sun ONE identity services, in conjunction with specifications being ironed out by the Liberty Alliance Project, are expected to compete with Microsoft's Active Directory software and the software maker's own single sign-on authentication service, called Passport, according to Jamie Lewis, CEO and research chair of The Burton Group Corp., an IT research company based in Salt Lake City.

Having both the directory software and the identity services will be important in order for Sun to compete effectively in the market, which is also being addressed by a slew of smaller companies.

"If you look at the Sun ONE initiative and look at what they're doing with Java to deliver Web services, these identity services are essential to making those strategies work," Lewis said.

Palo Alto, Calif.-based Sun will offer the network identity package in two editions: one for enterprise customers for use in a corporate network, and one for service provider customers for managing subscribers over the Internet.

The Enterprise Edition is designed to manage as many as 10,000 online identities inside a firewall. It includes two Sun Fire 280R UltraSparc III servers and a 72GB Sun StorEdge D2 storage product, pre-configured software including Solaris 8 and iPlanet Directory Server Access Management Edition 5, and 10 days of technical consulting, the company said. The Enterprise Edition starts at US$149,995, or about $15 per identity, Sun said.

The Internet Edition, designed to manage as many as 250,000 online identities outside of a firewall, is similar but comes with two additional Sun Fire 280R UltraSparc III servers and a 145GB Sun StorEdge D2 storage product. It starts at $999,995, or $3.90 per identity.

To enable users to define policies, Sun also is featuring iPlanet's Web server, Herring said, to enable users to access identity services as Web services.

Sun didn't announce any initial customers but said it anticipates interest from existing iPlanet Directory users. One potential customer is the State of Georgia, which uses the iPlanet Directory to manage the identities of all those listed in its Department of Motor Vehicles database.

"Sun, through its ownership of iPlanet products, has a substantial installed base of directory services customers," Lewis of Burton Group said. "This is its effort to leverage that installed base."

Support for Java card and smart card technology is due for the platform this year, to enable these to be used for network identification. Non-repudiation, to enable audit trails to verify transactions, is to be added in 2003.
