The SAML web site is not longer accepting new posts. Information on this page is preserved for legacy purposes only. For current information on SAML, please see the OASIS Security Services Technical Committee Wiki.

Multivendor identity systems can work together

A unique demonstration showed user-centric identity software from major vendors, start-ups, one-woman projects and open source hackers all working in concert to replace passwords with validated identity-card access to Web-based resources. The two-hour interoperability demonstration hosted at the annual Burton Group Catalyst conference was co-sponsored by the Open Source Identity System (OSIS), which is a working group within the Identity Commons project to unite the leaders of open source efforts around digital identity.

The OSIS steering committee includes CA, Cordance, IBM, Microsoft, NetMesh, Novell, Nulli Secundus, Oracle, Parity Communications, Ping Identity, Sxip Identity and VeriSign.

The demo's intent was to show that emerging user-centric identity systems -- which put users in control of their own identity information -- can be federated and act as a universal identity mechanism for access to Web-based resources.

This identity layer is commonly known as the "identity metasystem" a term coined by Microsoft identity architect Kim Cameron.

But while the lofty goal of user-centric identity is still in the distance, Wednesday's demonstration showed that it is obtainable.

The demonstration focused on technology that uses identity protocols OpenID, WS-*, and the Security Assertion Markup Language (SAML). While the user-centric identity model today is more closely aligned with consumer needs, corporate users see the technology as a potential means for handling some of their own federated identity issues.

"This seems to address a number of enterprise needs that we have," said an IT architect for a Fortune 50 company he asked not be identified. "It could provide our community of company retirees with credentials that are better than a user name and password and that are more cost effective to manage and that are going to be more user friendly. It seems like a perfect model, so I am excited about that."

Read the complete article by John Fontana in CSO. Focus Areas: BPEL | DITA | ebXML | IDtrust | OpenDocument | SAML | UBL | UDDI
OASIS sites: OASIS | Cover Pages | | AMQP | CGM Open | eGov | Emergency | IDtrust | LegalXML | Open CSA | OSLC | WS-I