Network Security & Hardware - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Network Security & Hardware


Liberty Alliance Spec Wont Cure Security Mess



 By: Dennis Fisher
2002-07-15
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this Network Security & Hardware story.


Rate This Article:
Poor Best
The Liberty Alliance Project will unveil its specification for identity management this week.

The Liberty Alliance Project will unveil its specification for identity management this week, but members of the group and others said the entities involved in the Web services security standards effort have made little progress toward fusing their pet projects into a coherent platform.

Despite some encouraging signs—such as Liberty founder Sun Microsystems Inc., of Palo Alto, Calif., deciding to support the WS-Security (Web Services Security) authentication effort headed by its chief rival, Microsoft Corp., of Redmond, Wash.—many executives said they feel the differences between the companies will continue to hamper the standards effort. Those involved with the Liberty Alliance said they worry that Microsofts Passport identity service will become the de facto standard.

"Everyone in the industry is very wary of Microsoft, and Liberty is all of us banding together to make sure they dont dominate the market," said Deepak Taneja, chief technology officer of Netegrity Inc., a Web services security company in Waltham, Mass., and a new member of the Liberty Alliance.

At the same time, some Liberty Alliance insiders say that the 1.0 specification released this week is little more than a slightly dressed-up version of the SAML (Security Assertion Markup Language) specification that the Organization for the Advancement of Structured Information Standards produced this spring.

Resource Library:

The Liberty Alliance specification focuses on authentication and includes some provisions for setting up a federated identity management network, according to sources familiar with the release.

"The phase one spec isnt much different than SAML, but people will still want to come out and say that [their products] support it," said one executive from a Liberty Alliance member company, who requested anonymity. "What we need to do is meld [the Liberty Alliance specification, SAML, WS-Security and Microsofts Passport] together."

While thats an oft-cited goal among the companies involved, its much easier said than done.

Formed last year, the Liberty Alliance has been working on a standard for federated identity management in Web services, a specification that many see as a direct challenge to Passport.

WS-Security, by contrast, is a method for describing the conventions of how users and companies carry security credentials and how they can protect and verify the integrity of the messages that machines exchange via Web services. The specifications authors, Microsoft, IBM and VeriSign Inc., recently submitted WS-Security to OASIS for consideration as a standard.

SAML is an XML-based language that all proposed Web services standards support and that allows users to transfer security credentials from one affiliated site to another.

Some observers say, however, that once all the posturing and jockeying for position is over, the technologists will find some common ground.

"Ive seen some good signs. Im encouraged by what Sun is doing in joining [WS-Security]," said Bob Sutor, director of e-business standards strategy at IBM, in Armonk, N.Y.

"What customers see now is a wide variety of specs, and they dont have a clue how to glue them together," Sutor said. "Im hoping well see a good industry technology discussion around this and move away from the politics, which were all sick of. But standards take time. Its not going to be tomorrow."

Sutor said Liberty Alliance doing its future work under the aegis of OASIS would be a big step toward knitting together all the specifications.

Related stories:

  • Deal Links Visa, MasterCard Accounts to Passport
  • Tech Analysis: Liberty Alliance or Passport?
  • Averting Web Identity Crisis
  • Commentary: Liberty Is All About Identification Control
  • Commentary: Liberty Liberates Users From Passport
  • Liberty Alliance Support Grows



      Reader Comments: Liberty Alliance Spec Wont Cure Security Mess
    >>> Be the FIRST to comment on this article!
     

     
     
    >>> More Network Security & Hardware Articles          >>> More By Dennis Fisher
     


    • x}ks㶒qUS$5ҔlcؖgwKEQĘ"yHʏO역'o҃LvScKx4Fwh4y$s[֘\ÙIIvj]zg{/K$[_@1'(ː[(SMHwGizFOL> \?a,[Y| tjGt0.Pc<[c:&׳1ԓo͍Q21X -kHQ:*VOuh4i=#@I.b(CM.sH~P٦1IGAmg|{Pd`=SBT|HJk4ދшQGƏsjoeY㻝 (qw-̪rhx=i뷀S֠(v2%v+6^:3Fș}5Rz$Rɴv7g!25AC[0$1܋lsQ^]6m&\.ϡR͌aBw4}iQƺmyKk #M}2E9$7 \hy`ӧ$сNXEYnٰ˺}- :۱kϬ!.],rF,U)M P&&ާ4ja[ĥzr(07g馡,˺y[˫A(BX>P5띨r7}5{0p)nOϿvϕ+E}v!>LͺV u9[yи} Fb}" @D%\.j8y_4 ::~\NBn$>@FI/l|%rP<(|-_P\5=N-Lcv\ãH0ВF^8rrnNgSK׺nw[:>;nN|bP+|行Đ/@?#;Crqszr|qӾ[]$O%t:!(tf~R|YmUk_nG}_A$wnsgKj@R3?>]ćZW$#MXOz'䗳90jgLYn]fH&޵T,>J~fn3iR2xC2Xe]V,o4!0FD53cfI3(,egAN)41)6K .sǃݼR grCC8rݠQSSA%E7CD raTB(PHQ&FNTIR]y6njUsٹ>rYYT'*daeAUi;H n}׶ƍVuBWn?],qH$0U`N). 8ǵ:,m:+Hu߭RjUT1q+-^n2dL-41,;LH~Nw3@!i vڔ?jSS:4f@Xjh|჆(>hFʋEQsiO @sՇ{v4A>~g{ͥ@o]>':3 }PŐzS9LT@"iwM hA'];T[]6PCh>um'6(d@=>0tv60LPg:% q0yzODȥi=MPԤv9BB !L60 o# P,  b\ .:ҦBICzn }T[h+\KLAfkf(2{~u}fBd '$Xr`Y \+|)l 6ŢRUTqkBk42t08Bdp{43!i ON4PjHD\T~Na5]sOl?GyG#V3,+X5g?qyaY@ {G2eB7ƉOHh|B,qٛ#8A9^\#ouMl V{XaOr!vv'6`F 2VS w$mӰnWC7Bs݀C/2$\^&AB1 :d>l̳Pt̜*YZ2\n6Ry`OE܏a9=%6ox={q%%A{ -E梱x_O5*Y fUbueB$lJ}oaZZ @-EI L-؋WV7tjQt0*T dmҁdZ桇(J.} ]b@'^$økQ M> ma,zqŶ o5/TY97>2ai[aR^W5,qVfn (y(vߟ6Ll7I*W)թ{l;T]$/Hq{sL4'_>E\G1 `;ۋppBa e@֨ȫU5vX=Äや}Oƍ/Љm%k0tj14k~s;_vO[ŽtٔzүhVptA>2fÑaH50W!9WK.,Z!?RPqԏ5@&^`Gm d*ЦMPm}:bD-"k# \Q6-D. k ljrpj Zprv^ni^0,my.|<궇12q͍a'mG&R*ö1S{`bjF{T&/Ałc4q ֚0G5WcOcS!ak&A.4bV6\PXt> r+"$y4l*zujqMyM! /7˃E%"m52D$.g.OC{nc>TZEf,z,RT j%†*ZTp}3*xϸoFMh/Op圉}cXo,~R~K>3nA64|ppZMOYvPO^ɐ[ ʌJ4B~NSBDVAEXKuvo~Ɋ`1s' ]W 68>T;PRp{cOMy  ӱ%NJt ҹD\Uj_awk*A wt,(YE)͙oP9\R4ʧSK@x(A@6u4s=X\(``#>V1HaY[ ⺪T}2g:/{oւ68F )dzDG+=qh  ӝ ''pLV )VXS!bW hęfvgxgayϤ͋#|5yMشg9u2-E8ZA1-;E9Ȳ(_a1BnGo騙kQP䑫|)6sؐ9EW.|uW[5@aMɗ玾zP±BpadHog|mkH9Xhb9BJ9ޡxP)P7@yz-'F&5?8nT#z'8D1W;Q?綷T˰ČUOP=|)a^f&c螬\M~OQX}KyRUOhG2cdQrHUu{ e4w]]">v/$~Rd-@qc@@fQPF ta[ *d|Ub@/IplS.:Ղ_tM3apׄe#8hAYiI!ώO;=y>tW+fyNkw.y0Y ߫%a珅%8W}y吔j65?|<-~u1=myރ 2`i0Fjثkfߏճ"yrҾ|/]:lAy8x0\O!>РQ\8K%yԫeK:\[OrTHC,z_!z[fS L k3d8)0'pdqH/=P+B[Ku͉\9TzF_{r qbQa4'P%G|mXswސPRb&`$خ*Xe2ݽ:o~ ol'eN' m D78%S*PW<EHqA&NZǝ&' ">&9hDmpb~<B<Mp<"mX{p3يq+G9'$Ee"S`݅{[s=)F N/ō7w JE5P!!BJ T=ɶz {r12àADw1x8 e~=m22v]3%M<2CNmN2%ICϔ I8'<8J iey%ŝDlbTHzZoN{ռ4<6ަmWxvImc%2sg[E  KPk quvcaDr!JH,FC{1CN:#^4/?@ >w I Ns wjh wTff Yڝ1|ir@h7{m{2ߓ̆9t7qv^{;޽ܱ9d6"68i}\t(EaE6^pkr8-+iE{l[ oftmlPEFN=:5,.kr'EMKrPP9Of90{>F 3ش+c"J &UU >bx)1( dHob'Nhm4DP&ƲB6!(1dw}eL̷!3gGUyµ.=`'Fw6S--s÷2d@CZE EqmmcyEهܽ(NlŠuAB]! :2h`8̾zb ʐD~M+Z.) OT8Nyi`I첎E~(4°Q~hNqXP|xBOcJKЊN}|/?/:]gTfδ!']_v@32YH 8lH_VP7WꈹL&A dWb>b@P1T=$LzNYaދ)O~eԙ)8ӒImK)Xr9dI2l4K>z@,"}$OT0 ol_gɃ2_lcX()%)_ދ_K!I-:Gfol]e+ ;TURRX(񪃼zaē`%QL:}>لHp@DtIU`6rc[QYR *ΚOb8P7-Y@0;`}t1j( z6Z Diņ[y DUX> -gUv9UXNK/%@2ө"+1]XC;tÃa9!V`}!͑ Xa(")UIoJ!嗢1GMfcw6N|ٝY)A@nExU˳P~76-2*Sye0d.;Zt=@aeOT"IŹW$ "B*M4a Indٸֻ ش* *"cl3a{evvWq)#o 3~3~3~3~yl\oKXbJ+fEo$١lOcڏRp3<έZ6sܨǤ1-Czhkl8/feA:3!nx.i/҅pD'Ag柁`ԍnH + 8(li~ػ c)Z6 Hk~Q^3Fz\|yҹGP@@2Ss%Ԇ?s}$9yHk ŗwڌ{.'ϗ3Q:If@X( aH)~"'iR I']b $jDPdY qɨGK6ʗyldUdP`c,l쾾&n宱߬߬߬߬_RT_T7lFGOr우<`C;nvC]7ƚo\2k*= N oP0zԼ8_%%E,"CH#%ؾۧa/KftAy#A&F*i /IҰnE]}{ilDl[u;kE_)=KRIܱgC ]NӚR^}ڞ؎f[O_Pվ=&wrW|kgVSǸ"l(^v7@pΠkxwwdW2^IIߤ mű6xVUw5ǁ dEkkr.wt!p^Z.JSqbylC>؄_,NIf%2Ċ8RA+qiqn2?o++V)c<,rf&4k`P_EГs@K{HstV46 d5͗XKد+QđK}BSɼkMӜ/VܓɁa4/b6Y3z9 bacL榚g|Sc tq"{o~1~X6Ӑ ~VxrRLvEqQIHp'u0hxw\XDz7( 3 M?^2c;T0T4O3/0Q_7nmo{L}GvTw;&{c5˯}yLE570/XdT(_! $|6\d U<:@Wٳ#"垟gJN zAwǶ/|bVGcmc7\M8$1> "KC CA%y3N5saA 1'fSYhXUcl9+ʁs\::'G ]J1xy[O :#5"L|7\P:QQ&3H.uPc~WSU@*ĚAi6Űtyums܊!Vy ?׶׌oۦVy ֵn&x+ֻp z[o^3C'ܬDf.3\0?1u53ElЭq612,L :L΀Tfp]jhXHӸHdZP)O-_PJj\9s?rGdF+5mFNSWgLzTc >F+PSC746I$~@d=Tx>nnݫŎru Zc>ߕ/߉t& vgRg&qHGt M60* >J 7A6pw<-(ʾ/=q?z~m@1"3? q0! ȅLw.A#nbcqhy7pa%}=~|9[AG)T"ʑ̽V~w[7?__vne 1 h0*ejT KW 2@k8%?]:1-G@אIalq X"Rzou क ǫO?)y vq^OR}}ons7%ZSj׸H |-e" >"\/RyB@)BǴ|ǔ}}L ߤޤ  M :IJY g+8=R2z)A^կ?4%SYYzvBe^\422௛eߧoelھ:BR; +]a-|^}-kkJ1j4 b}/ %\e(2/M"!+(21hpWYdcbh b{He?~VPb构u]}\Lr!{] WeM'ik(s3gg=UcL"{>f^U#|. |ޥcFtKYkOT/SiKy>Ј{S3=~*96 zۍS<^CG0sKk>珶ÓxwY.-j,9“m(9q}2ىlߥxBi3a*g6íEi78rW3,o󠗕rG<:;Xw[۽O,w렇/Kfz}2G_)N(a(xFZgǷs ;wMMѽk~58]pژ8vƶ= Pu@:8T.ErT)gj'׈d6'3t``UEVrg l|((|F!e~iث,0c ya8an[]"z%^>BKm "F1 ͛,I57/ {_Bf@ 96b'`!1ۿ XN{u7Wu:Vɤ[TlV{N[PgW軥@:oH;Ss`|ӄY@Dsx7i {*xq}6,J!x-&pjWcV_hN<&3!U{_Txx ‹e.scނau jד53[-cH b^[I6ɐ`,K46zg{|=KF

    {T>Q 0icОu$| $G2x[059DDMO6"V_eݞ4ڀP<  -vPsVf]~L隉˳ymOmbe]ݎ:zj@@|ƶ6<} wb/C1_Kwbax>z7G<>Coxz&<e,|Ͷ'hްaI㽄$ SvB[POĞ [޳RoT˹,Hs=ۢ1aԿ+_1#4:DB  Vj 괯ImFn_m΄ xsp?ljøP#HA.xϑt ,ᗼv8:X5m$=IKh8[5b8gC›JGrBi;c{]/I)H[AȹX6Jwn —5[Y,&/ă_| gO>¶9"Z;GgARD~kJ]&*P=eٚ v,/d-+2lů-=HiE_Oo&C%|Cb1G(]p  ""_Rasom/y㶁E"= S Q:ia3D:'D@0avwjX ˖0S)%Rxc{FX1m; ;!'1K;u Ѫr!Y|h@ooiM9x[ef( ӗݜ o| 8ho.t4-y|>7a$T R~?OJ B K[؂>ވ\ TjœWvl[@cy`Yf&;I) 3/e@Dvg˫@y56VsֈNa]q=ӸKAѮ(Yn0g60 o#˜G:K8~mA=be{,-UuӈrcxdKYf:P yXt!o+ A//K,^rXٽ"8NmR5$ck-:-(??h_^:?{cm'nJQi#5TMeщ&o߉q߼g,ٿyl FXۙDYa1 g'[yWi:9X}/#3!aY&5D3//N \W07L;̋lqGy%%CRFCb0Fc;Eb|MSX }JP]4lmAb ;im#)O vY)kA=NZUlZ 14Ko̓c{V"K:%9- >`=>gzC%p&&6a]`p8 te0QSLFٔ6s5`?U`2 ߿Z.$AcD5̱`,ӊHv"V䜔KLΡnlpQ!%VF #5P&zX2mn-ǟB@ Z|qƳC|撟 元>GNxN=Kf}+s)VR,_XЛ]<"Zc^445k<Y}‡(Awq.8O={{7ƈF#C?qwj}/{?5QjA7Zq?vPe^g0u{ bcI)@4Xk yy3v!AiBۉZ;Jp8_1=/st RF`w,}KufP#/Ռ~B8 v'xm^%=^*8j}]@csXg{Guk%j@L(oL!)F_Ϡ0JP)i_U~bx @ R8@dž40,Y7A9;|caKW?(t\N3R+:e]RS{V>+im )NNxcCس2y(`v>KlUEQk;,x%WrU32L "8mWdի8Aw.{ 7ci1RA*+wPU,-DXb?<է XWC7X%v߈ ^& N/;-=˫ GYȾOw1,k7x/x9v^cj!2f'x.h-Ѣ0ɛ& Z 0Ex Z+fŻ1άKzA4負{քf1j90`K>ɂF4wEdaNW/n3V*)pF"qOo@j%S-@h&#З]܄]&#l+ 9b &zl:nmI,@Buzs%Na +$\Uidun_B\WNtg/6vB2j fa! v,B y&|,sl@@F7!-4ƑPN]t;God=eb 1 53/FHr=̢ ʼn7@=1Ƽ{72 ҂ʍ\1-@LrY mЮ=@' *"+[\cu-{=+Z [#юŹ~;.t= bcv+ fOZ,R pru`IE << EB(h\Xp2pYB X'uQBZ5A!23חݰD`ؓkH ߉$J<<=$+ш4a̕F@'9imH" :boSCt_:lȻe,}zQ9eH1ٵO˺iӮ+66)ck;&ޚ# hY"--A0Kr(<Ǜ5)lq|n E*J=+{ x`ۏڄE9mQ>g J̞ЈzkbJmmGbc;9&1pHwxێZv~BD<*ֳvu?6v-&Ǧ=,o~qBf%:D=|MƗsB@X’C~C q{7$* wVnv1v1> [64R9l'3{쪭eǣC+qd̬;rPR<e:'$! +w<9i_WA̼YDP3EfWy,AOwTJ,[oI1DXCtb=9P-X!$5pe/vٰMi8PU~X(9?҃8ĸB1Rm*2]'abf؄p3lSxxXqaY"w;>