IBM Unveils Tivoli ID Manager

Federated app eases systems integration.

IBM last week announced its new IBM Tivoli Federated Identity Manager, which will extend the reach of Tivolis identity and access management technology, allowing companies to integrate disparate user authentication systems more easily within companies and between business partners.

Federated identity technology has been a holy grail for many IT professionals, who see proliferating passwords and log-ins for network and Web-based applications as a drag on IT support resources.

Federated identity systems, for example, can allow employees to access a third-party information portal for 401(k) or health benefits with the same user names and passwords they use to log on to their corporate network accounts, said Joe Anthony, director of integrated identity management at IBM, in Armonk, N.Y.

Integrating authentication schemes can slow growth, especially when companies need to give business partners, customers or other nonemployees access to network resources, Anthony said.

"Federated identity technology makes it easier to work with partners on a standardized basis and lowers the cost to bring a partner on board," he said.

Federated Identity Manager will simplify support for the Liberty Alliance and Web Services-Federation, Web Services-Security, Web Services-Trust and SAML (Security Assertion Markup Language) architectures, said Anthony.

The company decided to support the competing architectures after receiving customer demand for standards-based federation and realizing that no federated identity scheme is likely to win out over others, he said.

"Were seeing more RFPs [requests for proposal] from companies that want to make sure that when they interface with other companies that theyre doing it in a standardized way, so its not a one-off thing," he said.

Federated Identity Manager will integrate with IBM WebSphere middleware and with third-party portals, XML firewalls and application servers. IBM plans to use its relationships with third-party vendors that integrate with IBM identity management technology to speed deployment of Federated Identity Manager.

The product will work with other leading identity management platforms, such as Computer Associates International Inc.s Netegrity, as long as the platform supports SAML, WS-Federation or the Liberty Alliance, Anthony said.

IBM is already working with XML security appliance vendor DataPower Technology Inc., of Cambridge, Mass., and Layer 7 Technologies Inc., of Vancouver, British Columbia, as well as with VeriSign Inc., of Mountain View, Calif., and other companies to support the new product.

Federated Identity Manager will be available at months end, priced on a tiered, per-user basis.

Can I see some ID?

Features of Federated Identity Manager:

* Support for SAML, WS-Security, WS-Federation

* Integrates with WebSphere

* Eases integration of multiple user identities