The SAML web site is not longer accepting new posts. Information on this page is preserved for legacy purposes only. For current information on SAML, please see the OASIS Security Services Technical Committee Wiki.

BT trials federated identity management

BT is experimenting with a federated identity management system that could be rollled out to its eight million internet users and corporate customers. A commercial version would allow users to identify themselves for websites and applications and other users to access data, do work and transact business, said Robert Temple, BT's chief security architect. Using CA's Siteminder software, BT is giving internal staff web access to applications such as Peoplesoft, Siebel, Oracle Financials, Citrix, an XML gateway, and a voice-verification system from Persay.

Temple said the company's intention is to provide managed user identity as a "common capability" of the kind relatively common in IT but rare in telecommunications.

Temple said BT runs 32 discrete different networks. As a result it has too many Radius identity authentication servers. Learning how to consolidate how it manages user identities on all these networks is the only way it would be possible to extend similar safeguards to BT customers, he said.

It has opted to use the SAML 2.0 standard for federated identity management. However, it has proved hard to find external contractors willing and able to help BT as most were familiar with earlier versions of SAML.

Read the complete article in Computer Weekly. Focus Areas: BPEL | DITA | ebXML | IDtrust | OpenDocument | SAML | UBL | UDDI
OASIS sites: OASIS | Cover Pages | | AMQP | CGM Open | eGov | Emergency | IDtrust | LegalXML | Open CSA | OSLC | WS-I