Liberty Alliance Project Presented at itapa 2003 Dr. Hellmuth Broda Sun Microsystems CTO EMEA and Liberty Alliance Management Board Delegate



Similar documents
Liberty Alliance Project Setting the Standard for Federated Network Identity

Liberty Specs Tutorial

Network Identity. 1. Introduction. Kai Kang Helsinki University of Technology Networking Laboratory

Authentication Privacy Principles Working Group

Dr. rer. nat. Hellmuth Broda

Developing a business model for Identity Management. Dr. Hellmuth Broda, VP Business Development, First Ondemand Spokesperson, Liberty Alliance

Privacy, Security, and Trust with Federated Identity Management

Managing Trust in e-health with Federated Identity Management

Nationwide and Regional Health Information Networks and Federated Identity for Authentication and HIPAA Compliance

Executive Overview of the Security Assertions Markup Language (SAML) v2.0

Federated Identity in the Enterprise

Liberty ID-WSF 2.0 Marketing Requirements Document

Case Study: SSO for All: SSOCircle Makes Single Sign-On Available to Everyone

SAML, The Liberty Alliance, and Federation* Eve Maler

Identity opens the participation age. Dr. Rainer Eschrich. Program Manager Identity Management Sun Microsystems GmbH

Les technologies de gestion de l identité

New Generation of Liberty. for Enterprise. Fulup Ar Foll, Sun Microsystems

Case Study: EIfEL Makes E-Learning and Resume Sharing Secure with Liberty Standards

Liberty Alliance. What's After Federation. Fulup Ar Foll Master Architect Sun Microsystems

An Overview of the Id Governance Framework

Liberty ID-WSF Security and Privacy Overview

Federated Identity Management Solutions

Identity Management im Liberty Alliance Project

New Zealand Sets the Pace for SAML 2.0 Deployments

The Primer: Nuts and Bolts of Federated Identity Management

The Primer: Nuts and Bolts of Federated Identity Management

The OMA Perspective On SOA in Telecoms

OIO SAML Profile for Identity Tokens

RSA Solution Brief. Federated Identity Manager RSA. A Technical Overview. RSA Solution Brief

Interoperable Provisioning in a Distributed World

Federated Identity Architectures

Web Services Security: OpenSSO and Access Management for SOA. Sang Shin Java Technology Evangelist Sun Microsystems, Inc. javapassion.

IDDY. Case Study: Rearden Commerce Delivers SaaS Via Federation WINNER

Software Requirement Specification Web Services Security

EduTech Deploys Federated Identity for Maximum Impact

Securing Web Services With SAML

Internet Single Sign-On Systems

SAML Federated Identity at OASIS

Trusting XBRL: Using the Liberty Web Services Framework to Secure and Authenticate XBRL Documents

Liberty Alliance Approach to IDM. Brett McDowell, Liberty Alliance Modinis Workshop #2, Brussels

Identity Management for Converged Networks

Cross Operation of Single Sign-On, Federation, and Identity Web Services Frameworks

Accelerate Without Fear: Extend Your Enterprise with Identity Federation. Kirk Brown CTO, Identity Management Sun Microsystems

This way, Bluewin will be able to offer single sign-on for service providers within the circle.

SCUR203 Why Do We Need Security Standards?

PROTECT YOUR WORLD. Identity Management Solutions and Services

Softscape Web Services TM

Market Trends in 2002 and 2003

Title: A Client Middleware for Token-Based Unified Single Sign On to edugain

White Paper. Nokia Web Services Framework for Devices a Service-oriented Architecture

On the Radar: ForgeRock

Open Source Identity Integration with OpenSSO

An Oracle White Paper August Oracle OpenSSO Fedlet

Software Design Document SAMLv2 IDP Proxying

IMPLEMENTING SINGLE SIGN- ON USING SAML 2.0 ON JUNIPER NETWORKS MAG SERIES JUNOS PULSE GATEWAYS

Liberty ID-WSF Multi-Device SSO Deployment Guide

IDENTITY MANAGEMENT AS PREREQUISITE FOR SECURE END-TO-END NETWORK BASED TRANSACTIONS

T-Check in Technologies for Interoperability: Web Services and Security Single Sign-On

Privacy and Security Best Practices

Whitepaper: Benefits of Federated Identity to Government

COPYRIGHTED MATERIAL. Chapter 1: Introduction

White Paper Delivering Web Services Security: The Entrust Secure Transaction Platform

Federation Proxy for Cross Domain Identity Federation

Sun Infrastructure Solution for Network Identity Seamlessly extend secure access to your enterprise fast, with reduced deployment time and cost

AlphaTrust PRONTO Enterprise Platform Product Overview

Interoperable, Federated Identity Management Frameworks Across Enterprise Architectures. We can do this.

Approaches to Enterprise Identity Management: Best of Breed vs. Suites

On A-Select and Federated Identity Management Systems

SAML basics A technical introduction to the Security Assertion Markup Language

IDDY. Case Study: ConAgra Deploys SSO for Travel Planning

Working Group on. First Working Group Meeting

<Insert Picture Here> Oracle Security Developer Tools (OSDT) August 2008

FEDERATED IDENTITY MANAGEMENT:

Case Study: Federated Telco Billing: The Next Wave in E-Commerce

Biometric Single Sign-on using SAML

Global Headquarters: 5 Speen Street Framingham, MA USA P F

OIO Web SSO Profile V2.0.5

Biometric Single Sign-on using SAML Architecture & Design Strategies

Oasis Security Services Use Cases And Requirements

Privacy and Identity Management in a Layered Pervasive Service Platform

Enabling SAML for Dynamic Identity Federation Management

Reduce Cost and Complexity of M2M and IoT Solutions via Embedded IP and Application Layer Interoperability for Smart Objects

Implementing Single Sign On in Java Technologybased

Digital Identity and Identity Management Technologies.

Why Identity Management. Identity Management. What We Cover. Role of Digital Identity. Digital Identity. Digital Identity (or network identity)

Liberty Technology Tutorial

Extending DigiD to the Private Sector (DigiD-2)

OATH FAQ February 20, 2004

SAML:The Cross-Domain SSO Use Case

CIO Update: Gartner's Extranet Access Management Magic Quadrant for 2H02

Attacking the roadblocks preventing aggressive adoption of Cloud Standards:

The Framework for ebusiness

Liberty ID-WSF Authentication, Single Sign-On, and Identity Mapping Services Specification

Identity Management. (Re)discovering authorization APIs and LDAP model binding. Clément OUDOT

Internet Single Sign-On Systems

Open Sourcing the Internet of Things

Leveraging New Business Models with Identity Management An e-learning case study

Cloud SSO and Federated Identity Management Solutions and Services

Apache Syncope OpenSource IdM

PRIVACY, SECURITY AND THE VOLLY SERVICE

Transcription:

Liberty Alliance Project Presented at itapa 2003 Dr. Hellmuth Broda Sun Microsystems CTO EMEA and Liberty Alliance Management Board Delegate WWW.PROJECTLIBERTY.ORG 1

What is Liberty Alliance? Vision: A networked world in which individuals and businesses can more easily interact with one another while respecting the privacy and security of shared identity information. Mission: To serve as the premier open Alliance for federated network identity management & services by ensuring interoperability, supporting privacy and promoting adoption of its specifications, guidelines and best practices. 2

Liberty Alliance More than 160 member organizations globally Driven by end-users, government orgs and vendors Led by Technology, Business and Public Policy Expert Groups 3

Defining Liberty Liberty Alliance IS IS a member community delivering technical specifications, business and privacy best practices IS providing a venue for testing interoperability and identifying business requirements IS developing an open, federated identity standard that can be built into other companies branded products and services IS driving convergence of open standards Liberty Alliance IS NOT IS NOT a consumer-facing product or service IS NOT developed and supported by one company IS NOT based on a centralized model 4

Identity and Business Identity is the most basic element in a high-value relationship between customers, employees, citizens or business partners 5

The Problem Today Companies need solutions that Leverage new trends and generate revenue Lower IT and infrastructure costs Address customer worries about privacy & security Scale Companies are spending billions of dollars on Web Service projects (figures vary by analyst) Very few enterprises have completed projects Current barriers to wide-scale adoption. Lack of: Technical standards for managing identity Interoperability between products and services A federated model (NOT centralised) Privacy and security best practices Business best practices 6

A Progress Report 7

Timeline of Recent Accomplishments Jan. 2002 Begins specification development July 2002 Releases Phase 1 specifications; Members announce Liberty-enabled product plans April 2003 Releases Phase 2 specification drafts; Demonstrates interoperability among 20 products; Submits Phase 1 specifications to OASIS (SAML) June 2003 Releases Japanese specifications July 2003 Introduces the first set of business guidelines 8

Increasingly Diverse Involvement Growth in government, non-profit and education sector involvement GSA, DoD, Canada Post, Hong Kong Post, Royal Mail, TRUSTe, Universitat-Hamburg, U. of Chicago, ISTPA Close relationships with other standards groups OMA, OASIS, Radicchio, The Open Group, Internet2 Increasing global involvement 25% of members are headquartered in Europe/APAC 9

Communicator (available) Computer Associates (Q4*) DataKey (available) DigiGan (Q3*) Ericsson (Q4) Entrust (Q1 2004) France Telecom (Q4 2003) Fujitsu Invia (available) Gemplus (TBD) HP (available) July Systems (available) Netegrity (2004) NeuStar (available) Nokia (2004) Novell (available) Liberty-enabled products and services NTT (TBD) NTT Software (available) Oblix (2004) PeopleSoft (available) Phaos Technology (available) Ping Identity (available) PostX (available) RSA (Q4) Salesforce.com (TBD) Sigaba (available) Sun Microsystems (available) Trustgenix (available) Ubisecure (available) Verisign (Q4*) Vodafone (2004) WaveSet (available) *Delivery dates being confirmed 10

Sample Download Statistics SourceID enables Liberty federation and SSO and is a good indicator of Liberty interest. Download statistics below* More than 2,500 downloads of SourceID Majority of downloads are by global 1000 corporations Approximately 40% are from companies outside the U.S. 70% are from companies *not* members of the Alliance 20% of the downloads are from governmental or academic institutions Telecommunications/wireless, financial services and manufacturing sectors have highest number of downloads, with wireless and financial services overwhelmingly in the forefront of deployments Immediate interest in Liberty s Phase 2 specifications Approximately 5,000 downloads of specification-related documents from Liberty s website three weeks following launch 800 downloads of Liberty s Privacy Best Practices document from Liberty s website three weeks following launch *SourceID sponsored by Liberty member Ping Identity Corporation 11

Federated Identity: A Technology and Business Issue 12

The Complete Liberty Architecture Identity federation and management ID-FF (Identity Federation Framework) ID-FF Architectural Overview 1.2 ID-FF Implementation Guidelines 1.2 ID-FF Static Conformance Req. 1.2 ID-FF Protocols and Schemas 1.2 ID-FF Bindings and Profiles 1.2 Liberty Glossary Liberty Trust Model Guidelines ID-SIS ID-WSF Identity Services Templates Core Identity Services Protocols Web Services Bindings & Profiles (Services Interfaces Specifications) ID-Personal Profile Impl. Guidelines 1.0 ID-Personal Profile 1.0 ID-Personal Profile SCR. 1.0 (Web Services Framework) ID-WSF Architectural Overview 1.0 ID-WSF Static Conformance Req. 1.0 ID-WSF Data Services Template 1.0 ID-WSF Discovery Service 1.0 ID-WSF Security Mechanisms 1.0 ID-Employee Profile Impl. Guidelines 1.0 ID-Employee Profile 1.0 ID-Employee Profile SCR 1.0 ID-WSF Impl. Guidelines 1.0 ID-WSF SOAP Binding 1.0 ID-WSF Security & Privacy Overview 1.0 ID-WSF Interaction Service 1.0 ID-WSF Client Profiles 1.0 Interoperability Foundation Layer Liberty Authentication Context 1.2 Liberty Meta Data 1.2 Liberty SASL-based SOAP AuthN 1.0 Liberty Reverse HTTP Binding 1.0 13 Release as Final Release as Draft Release at a later Normative Non-Normative date

Liberty s Business Guidelines Technology and business play equal roles Business guidelines outline requirements and considerations of federated identity Outlines major issues for identity interchange and trust relationships based on federated identity Examines risk and liability in identity interchange Identifies success criteria for global and cross-company federation Roadmap for delivering business guidelines Phase 1: Outlines major issues (Complete) Phase 2: Outlines issues and resources for specific implementation scenarios (late 2003/early 2004) Phase 3: Examines Liberty implementations in verticals and geographic context (2004) 14

How Liberty Addresses Security Direction and developments determined with business, technology and policy in mind Advocates and governing bodies have access and input into developments (I.e. TrustE, Article 29) Members are some of the most trusted names in business Security, privacy built into the specifications Federated model offers users more choice and control Not centralized no single point of failure Favors opt-in and permissions-based methodology Includes privacy and security best practices Supports pseudonymous linking permits anonymity Offers support for strong authentication methods (smart cards, biometrics, etc.) 15

Moving Forward Technology Focus on testing and demonstrating interoperability Plan to release final drafts of Phase 2 specifications (Identity Web Services Framework) Begin work on Phase 3 for identity-based web service specification templates Business Continue work with industry-specific organizations (OMA, BITS, FSTC, GSA) to move standards into applications Introduce next phase of Business Guidelines documents Expand education on federated identity globally Execute developer seminar program Policy Continue educating global policy makers and influencers 16

Q&A 17

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information