Developers today announced the WSO2 Identity Solution, which enables LAMP and Java websites to provide strong authentication based on the new interoperable Microsoft CardSpace technology. New features in version 1.5 include: (1) OpenID Provider and relying party component support; (2) OpenID information cards based on user name-token credential and self issued credential; and (3) SAML 2.0 support.

BT is experimenting with a federated identity management system that could be rollled out to its eight million internet users and corporate customers. A commercial version would allow users to identify themselves for websites and applications and other users to access data, do work and transact business, said Robert Temple, BT's chief security architect. Using CA's Siteminder software, BT is giving internal staff web access to applications such as Peoplesoft, Siebel, Oracle Financials, Citrix, an XML gateway, and a voice-verification system from Persay.

Government Computer News discusses how a federated approach makes identity management portable: Overlapping identity management systems can be as much of a pain to users — and ultimately to systems administrators — as multiple passwords. Agencies that maintain multiple user repositories or whose processes cross more than one security domain should consider implementing federated identity management to reduce administrative overhead and costs while increasing security and simplifying the user’s experience.

Pat Patterson blogs on the the Project Concordia workshop held at RSA 2008 that shows SAML 2.0/WS-Federation single sign-on from a service provider to an identity provider. The identity provider authenticates the user via a managed information card and sends claims from the card to the service provider as SAML 2.0 attributes. Note that not every combination of SAML 2.0/WS-Federation SP, IdP and Information Card STS completely works, but enough that the approach was proven.