XML Drives ID Management Systems

 
 
By Jim Rapoza  |  Posted 2002-06-24 Email Print this article Print
 
 
 
 
 
 
 

Those implementing services must master the standard.

Once you get past all the politics and hype over competing identification management efforts, one fact is pretty clear: Underneath it all, these systems are very similar.

The main technology driving all Web services identification management efforts—as well as enterprise-based single-sign-on and ID management systems—is the XML standard.

XML is the default method by which Web services and applications are developed and the means by which services share data with partners. And all the key Web services technologies—including Simple Object Access Protocol and Web Services Description Language—are themselves based on XML.

Any business pursuing Web services should have a deep understanding of XML and all current and forthcoming standards related to it.

Speaking of forthcoming standards, one that is soon to be final and clearly the leading option for handling authentication and single sign-on for Web services is SAML (Security Assertion Markup Language).

SAML combines most of the previous work on XML-based authentication for Web services into a technology that can be used for user log-ins and automated machine-to-machine authentication. Because SAML is XML-based, it should be easy to develop to and should easily integrate with any Web services.

However, Web services based on early versions of SAML will be incompatible with the final version, and Microsoft Corp., among other vendors key in the Web services area, is not on board. Both of these issues could impede the acceptance of SAML.

If all authentication schemes used open standards and all businesses developed Web services using XML and script-based tools, the world would be a very interoperable space.

However, Microsoft has already gone at least partly proprietary with its Passport system, and differences among authentication systems will likely continue for some time. This will force many businesses to build infrastructures that can support multiple authentication methodologies.

The Liberty Alliance, led by Sun Microsystems Inc., promises more interoperability, but technical details about the system are in short supply right now.

However, given the fact that Sun happens to be one of the backers of SAML, there is a good chance that the Liberty Alliance solution will make heavy use of SAML and other open standards.

East Coast Technical Director Jim Rapoza can be reached at jim_rapoza@ziffdavis.com.

 
 
 
 
Jim Rapoza, Chief Technology Analyst, eWEEK.For nearly fifteen years, Jim Rapoza has evaluated products and technologies in almost every technology category for eWEEK. Mr Rapoza's current technology focus is on all categories of emerging information technology though he continues to focus on core technology areas that include: content management systems, portal applications, Web publishing tools and security. Mr. Rapoza has coordinated several evaluations at enterprise organizations, including USA Today and The Prudential, to measure the capability of products and services under real-world conditions and against real-world criteria. Jim Rapoza's award-winning weekly column, Tech Directions, delves into all areas of technologies and the challenges of managing and deploying technology today.
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
 
 
Rocket Fuel