ID Management Gains New Partners

Both Novell and Oracle are embracing the Liberty Alliance's schema for federated identity management and detailing the products they'll release to support it.

Novell Inc. and Oracle Corp., both leaders in the identity-management space, on Wednesday rolled out technology blueprints for products that are compliant with Liberty Alliance standards for identity management.

Oracle announced at the Catalyst Conference North America, in San Diego, that it will update its Oracle Identity Management (OIM) infrastructure to include expanded federated identity and SOA (service-oriented architecture) security capabilities.

Uppili Srinivasn, senior director of identity management and security products at Oracle, said the OIM update will spare employers the cumbersome work of synchronizing and managing multiple lists of personal employee information and passwords, while also relieving employees of the need to remember multiple passwords.

"Without federation, there's a level of management of user information," Srinivasn said. "That can be avoided if you implement federation. From that point of view, it's consolidated, it's in one place, and that's an additional level of security.

"There's no fragmentation or duplication of information," such as when employees have to provide personal information both for their employer and for a service provider such as, for example, a bank like Fidelity that services employees' 401(k) plans.

Federation also removes the potential liability for mishandling employee data on the part of service providers such as Fidelity. "There's all these risks involved if you have to manage all these people," Srinivasn said.


To achieve this federated identity management, OIM will incorporate the Liberty Alliance's ID-FF (Identity Federation Framework) and ID-WSF (Identity Web Services Framework) standards. The OIM iteration also will support SAML (Security Assertion Markup Language) standards.

The new OIM capabilities are a result of Oracle's integration of technology it gained in its acquisition of Phaos Technology Corp. in May. Srinivasn said future technology that may result from Oracle's integration of Phaos could include the ability to provision users across systems, which is an area that the Liberty Alliance is working on.

The new capabilities have been integrated into OIM for the purpose of Liberty compliance testing. Oracle is now making the new iteration available for evaluation and pilots and will ship the new capabilities with the next version of OIM. Srinivasn said an ETA for that is currently undetermined.


For its part, Novell announced a federated identity-management infrastructure code-named "Odyssey." Odyssey is designed to enable organizations to federate identity information among their business partners while still maintaining user privacy. It will enable single sign-on based on the Liberty Alliance 1.2 specification, as well as centralized authentication and policy management.
