The point security product is doomed, to be replaced by the umbrella coverage of an overriding security solution that protects not only the network infrastructure, but data sources, PCs and everything in between.

Developers today announced the WSO2 Identity Solution, which enables LAMP and Java websites to provide strong authentication based on the new interoperable Microsoft CardSpace technology. New features in version 1.5 include: (1) OpenID Provider and relying party component support; (2) OpenID information cards based on user name-token credential and self issued credential; and (3) SAML 2.0 support.

BT is experimenting with a federated identity management system that could be rollled out to its eight million internet users and corporate customers. A commercial version would allow users to identify themselves for websites and applications and other users to access data, do work and transact business, said Robert Temple, BT's chief security architect. Using CA's Siteminder software, BT is giving internal staff web access to applications such as Peoplesoft, Siebel, Oracle Financials, Citrix, an XML gateway, and a voice-verification system from Persay.

Government Computer News discusses how a federated approach makes identity management portable: Overlapping identity management systems can be as much of a pain to users — and ultimately to systems administrators — as multiple passwords. Agencies that maintain multiple user repositories or whose processes cross more than one security domain should consider implementing federated identity management to reduce administrative overhead and costs while increasing security and simplifying the user’s experience.