Liberty Alliance discloses Phase 2 plan
- By John K. Waters
The Liberty Alliance this week disclosed details of its
federated identity-management architecture, outlining a standards-based approach
that the industry consortium hopes can resolve many of the technology issues currently hindering deployment of identity-based Web services.
Formed in 2001, the Liberty Alliance Project is a
consortium of 150 companies seeking to establish open standards for identity
management and ID-based services on the Web. Members include Sun Microsystems,
Hewlett-Packard, American Express, General Motors, America Online, Nokia, MasterCard, NTT DoCoMo, RSA Security, Sony and Vodafone.
Jason Rouault, chair of the consortium's Technology
Expert Group and senior architect at Hewlett-Packard, said the Liberty Alliance
is delivering its specifications in phases every six to nine months to allow for
quicker and easier implementation of identity solutions. The group released its
Phase 1 specs in July 2002 and updated them again in January 2003. These specs,
called the Liberty Alliance Identity Federation Framework (ID-FF), provides the
plumbing for federated identity management, Rouault said, establishing standards
for simplified sign-on and federation or ''linking'' among disparate accounts
within a group of businesses that have already established relationships.
Businesses, governments and other organizations are able to use this commonly
accepted architecture to build their own interoperable products and services.
''Now that the first specifications are available and
implementations are under way,'' Rouault said, ''it's imperative that we
articulate the overall architecture so potential users can integrate upcoming specifications into their marketing and IT planning.''
Michael Barrett, president of the Liberty Alliance
management board and VP of Internet Technology Strategy at American Express,
said the Phase 1 release addressed the basic issues of federation and simplified
sign-on; Phase 2 and future releases will address the dynamics of the ongoing
relationship organizations have with their employees, partners, customers and citizens, he added.
Expected by mid-year, the Phase 2 specifications will
enhance Liberty's Identity Federation Framework and introduce the Liberty
Alliance's Identity Web Services Framework (ID-WSF). This Web Services Framework
outlines the technical components necessary to build interoperable
identity-based Web services that meet specific business needs and also protect
the privacy and security of users' shared information, according to the alliance.
Phase 2 also includes the introduction of Liberty
Alliance Identity Services Interface Specifications (ID-SIS), a collection of
specifications built on the Liberty Identity Web Services Framework. These
specifications will provide a standard way for companies to build interoperable
services like registration profiles, contact books or calendar, geo-location or
alert services. The first service interface specification to be introduced is
the ID-Personal Profile, which will define a basic profile template that can be used to build a registration service.
The latest architecture release also provides a roadmap
that members promise to follow to accomplish the vision of a networked world in
which individuals and businesses can interact with one another easily while
respecting the privacy and security of shared identity information, Barrett said.
''Federated network identity is more than just simplified
sign-on, as illustrated by our direction,'' Barrett said. ''Establishing and
sharing your identity is critical to any kind of reciprocal relationship. Just
as you wouldn't typically begin a business relationship in the real world
without an introduction, you wouldn't enter a business relationship in the online world without establishing and proving your identity.''
The architecture and features of current and upcoming
Liberty specifications are detailed in a white paper entitled, ''Introduction to
the Liberty Alliance Identity Architecture,'' now available at http://www.projectliberty.org.
John K. Waters is a freelance writer based in Silicon Valley. He can be reached