Liberty Alliance: 2003 will bring products, services

While lacking specifics, a poll of Liberty Alliance Project member organizations indicates that 2003 will see the emergence of new technology that applies identity management and user authentication standards developed by the industry consortium.

On Tuesday the Alliance released the survey results along with examples of projects that are currently under way using the 1.1 specifications and information on new Alliance members.

According to the Alliance, a poll of its members found that:

-- Fifty-nine percent of those members who responded planned to implement the Alliance's 1.1 standards in IT projects or products released this year.

-- Seventy percent of those who responded planned to implement the Alliance's standards, though not necessarily in 2003.

-- Fifty-two percent said that they would be deploying the Liberty Alliance specifications in services that benefit their own employees.

A number of ongoing projects that apply the 1.1 specifications were identified in the statement. Those projects included a plan by General Motors Corp. to use the Liberty 1.1 specifications on its employee intranet, MySocrates, and a project involving the Financial Services Technology Consortium (FSTC) to create a multibank network to securely exchange customer account, transaction and credential information.

In the product arena, the Liberty Alliance announced that Communicator Inc. will deliver a version of its Hub ID product line that uses the Liberty 1.1 specifications by the end of January and that SourceID, an open source development community, will release a Java toolkit for implementing Liberty-standard single sign-on features.

Twenty-two new Liberty Alliance member companies were also identified, including high profile companies such as Siemens AG, NEC Corp., and Computer Associates International Inc.

Despite the news, comprehensive data was lacking from the industry group. The Alliance polled 42 of its 150 members and the data presented represented feedback from just 22 of those companies.

Poll results aside, there was no indication of which companies had responded to the poll or what progress the vast majority of Liberty Alliance members are making toward releasing products and services that use the consortium's 1.1 specifications.

A Liberty Alliance spokeswoman said that the poll was for internal purposes only and was not intended as a scientific survey of the consortium's members. The poll targeted the group's high-level founder and sponsor member organizations. Lower-level associate and affiliate members were not polled, the spokeswoman said.

The poll results were greeted with optimism by some involved with the consortium.

"I think what the poll highlight is that in the space of 12 months we've gone from just getting started, to specs that users are incorporating into internal and external systems," said Simon Nicholson, chairman of the consortium's Business and Marketing Expert Group and an employee of Liberty Alliance backer Sun Microsystems Inc.

"In the world of initiatives and standards, that is nothing short of remarkable. It shows that the Liberty Alliance is more than just academic 'Let's draft some specs' type stuff.'" Although the 1.1 specifications were released in July, 2002, products and services that use those specifications have not been forthcoming. The Liberty Alliance Web site lists just 11 companies with products that implement or plan to implement the 1.1 specifications.

A second phase of specifications, version 2.0, is due out in the first half of this year with guidelines for site-to-site authentication and user-attribute sharing, according to the Alliance.

Industry experts attribute the slow pace of Liberty 1.1 adoption to uncertainty about the future of the Liberty standards and of its main competitor in the single user authentication and identity management arena, Microsoft Corp.'s Passport service.

The two services offer different approaches to many of the same technical challenges. Among the differences are Microsoft's central management of user data versus the Liberty Alliance's decentralized approach.

In addition, Microsoft's Passport service relies on proprietary protocols to handle user authentication tokens, whereas the Liberty Alliance specifications call for exchanging authentication tokens using the Security Assertion Markup Language (SAML) extensions.

Microsoft's eventual shift to the Kerebos technology to handle authentication may open the door to more interoperability between Passport and Liberty Alliance member sites, but Microsoft has warned that migrating its 200 million existing Passport accounts to Kerebos will take time.

And, while Microsoft has indicated that it will support SAML assertions in its Windows server authorization infrastructure, no specific time table has been provided for that support.

In the meantime, corporate IT managers are left wondering whether the two federated authentication systems will battle for dominance or decide to join forces and interoperate.

Even if the decision is for cooperation between Microsoft and the Liberty organizations, technology that supports both standards may be years away.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about CA TechnologiesFinancial Services Technology ConsortiumHolden- General MotorsLiberty AllianceMicrosoftNECSiemensSun Microsystems

Show Comments