News

Liberty Alliance discloses Phase 2 plan

• By John K. Waters
• March 12, 2003

The Liberty Alliance this week disclosed details of its federated identity-management architecture, outlining a standards-based approach that the industry consortium hopes can resolve many of the technology issues currently hindering deployment of identity-based Web services.

Formed in 2001, the Liberty Alliance Project is a consortium of 150 companies seeking to establish open standards for identity management and ID-based services on the Web. Members include Sun Microsystems, Hewlett-Packard, American Express, General Motors, America Online, Nokia, MasterCard, NTT DoCoMo, RSA Security, Sony and Vodafone.

Jason Rouault, chair of the consortium's Technology Expert Group and senior architect at Hewlett-Packard, said the Liberty Alliance is delivering its specifications in phases every six to nine months to allow for quicker and easier implementation of identity solutions. The group released its Phase 1 specs in July 2002 and updated them again in January 2003. These specs, called the Liberty Alliance Identity Federation Framework (ID-FF), provides the plumbing for federated identity management, Rouault said, establishing standards for simplified sign-on and federation or ''linking'' among disparate accounts within a group of businesses that have already established relationships. Businesses, governments and other organizations are able to use this commonly accepted architecture to build their own interoperable products and services.

''Now that the first specifications are available and implementations are under way,'' Rouault said, ''it's imperative that we articulate the overall architecture so potential users can integrate upcoming specifications into their marketing and IT planning.''

Michael Barrett, president of the Liberty Alliance management board and VP of Internet Technology Strategy at American Express, said the Phase 1 release addressed the basic issues of federation and simplified sign-on; Phase 2 and future releases will address the dynamics of the ongoing relationship organizations have with their employees, partners, customers and citizens, he added.

Expected by mid-year, the Phase 2 specifications will enhance Liberty's Identity Federation Framework and introduce the Liberty Alliance's Identity Web Services Framework (ID-WSF). This Web Services Framework outlines the technical components necessary to build interoperable identity-based Web services that meet specific business needs and also protect the privacy and security of users' shared information, according to the alliance.

Phase 2 also includes the introduction of Liberty Alliance Identity Services Interface Specifications (ID-SIS), a collection of specifications built on the Liberty Identity Web Services Framework. These specifications will provide a standard way for companies to build interoperable services like registration profiles, contact books or calendar, geo-location or alert services. The first service interface specification to be introduced is the ID-Personal Profile, which will define a basic profile template that can be used to build a registration service.

The latest architecture release also provides a roadmap that members promise to follow to accomplish the vision of a networked world in which individuals and businesses can interact with one another easily while respecting the privacy and security of shared identity information, Barrett said.

''Federated network identity is more than just simplified sign-on, as illustrated by our direction,'' Barrett said. ''Establishing and sharing your identity is critical to any kind of reciprocal relationship. Just as you wouldn't typically begin a business relationship in the real world without an introduction, you wouldn't enter a business relationship in the online world without establishing and proving your identity.''

The architecture and features of current and upcoming Liberty specifications are detailed in a white paper entitled, ''Introduction to the Liberty Alliance Identity Architecture,'' now available at http://www.projectliberty.org.