Cameras
Camcorders
Cell Phones
Components
Desktops
HDTV
Home Theater
GPS
Laptops
Monitors
MP3 Players
Networking &
Printers
Storage
Industry consortium The Liberty Alliance Project published the final version of its Phase 2 specifications Wednesday and named five companies committed to releasing identity management products that support the new standards.
The Phase 2 Liberty Identity Federation Framework finalizes a draft standards document that was released in April and that Liberty Alliance hopes will make Web services easier to deploy and will ensure that services comply with laws for securing privileged user information.
Web services allow businesses and business applications to use open technology standards such as XML and SOAP to communicate and share information with each other and with customers over corporate intranets or the Internet.
Moving Forward
Phase 2 builds on standards laid out in Phase 1 for sharing user authentication information such as user names and passwords among organizations. It adds guidelines for sharing user attributes besides authentication information, according to Sai Allavarpu, group business manager for network identity services at Sun Microsystems, a founding member of Liberty Alliance.
The new standards will permit administrators to link user accounts at two or more organizations that are exchanging information in a Web services transaction, sharing data such as billing information, credit card numbers, and shipping data. That will make mainstream Web services deployments possible, whereas the Phase 1 specifications alone did not, Allavarpu said.
"Phase 2 bakes privacy into the [Web services] architecture. When you share data with businesses, you can decide what kinds of conditions and controls you want to place on that data," he said.
New Features
The Phase 2 specifications introduce new features such as a "resource owner interaction service" that will allow users to be contacted on mobile devices such as cellular telephones and confirm requests to share their user information, Allavarpu said.
For example, a book ordered at Amazon.com's Web site might generate a request from FedEx, sent to the user's cellular telephone or mobile device, to allow FedEx to share the shipping address with Amazon, he said.
Such services may be particularly attractive to telecommunications companies in Europe and the United States, which are eager to expand the number of premium services they can offer their phone customers, but which must contend with privacy regulations that restrict the sharing of customer information, according to Dan Blum, an analyst at Burton Group.
With a robust identity framework that allows companies to securely exchange useful information about user demographics and preferences, telecommunications companies will find it easier to market and sell new services such as games, restaurant recommendations, and applications, Blum said.
Product Plans
Vodafone Group plans to use Liberty Phase 1 and Phase 2 standards in its intranet and commercial service platforms. Vodafone platform releases in 2004 and 2005 will include the specifications, according to Liberty Alliance.
In addition, Sun's Allavarpu said that a version of the Java System Identity Server--due out in early 2004--will support Phase 2 specifications. A beta version of Identity Server that supports Phase 2 specifications is available for Sun customers to test.
Formerly known as Sun ONE Identity Server, the Java System Identity Server integrates directory services, access management, user management, single sign-on, and user self-service, along with federated identity using the Liberty Alliance Phase 2 specifications, Allavarpu said.
The new version of Identity Server will reduce the custom software integration that customers need to perform when deploying identity and access management systems based on the Liberty specifications. The product will also support delivery and authentication from mobile devices, including features for detecting the type of mobile device being used and for formatting Web content to fit the device's screen and resolution requirements, he said.
Also on Wednesday, Liberty Alliance published a "Privacy and Security Best Practices" document on its Web site to help companies navigate the dangerous legal waters regarding information practices worldwide. The document includes Liberty Alliance security and privacy recommendations as well as advice on how to address common Internet network vulnerabilities.
Competing Formats
The Liberty Alliance is not the only industry group working on Web services identity and information issues. In July, IBM and Microsoft published a competing identity management framework called Web Services Federation Language, or WS-Federation.
The Liberty Alliance has a good lead on IBM and Microsoft, but the various standards, including those promulgated by the Organization for the Advancement of Structured Information Standards, must converge at some point in the future as Web services deployments become more widespread and complex, Blum said.
With the growth in Web services implementations, companies are beginning to look more seriously at technologies like SAML, an XML-based authentication framework, and at the Liberty Alliance specifications, Blum said.
Interest from financial services companies that want to exchange information on borrowers securely could spur more Web services deployments in coming months, he said.
However, widespread enterprise adoption of the Liberty Alliance specifications may take months.
"There's increasing interest, but enterprises that are trying to use this stuff are still early adopters," Blum said.
Implementations of the Liberty Alliance specifications require considerable customization to make the specifications work with business applications and partners, he said.
"You still have to pay to play," Blum said.
