Liberty Releases Draft of New Spec

Alliance releases a draft of its second-generation specification for federated identity management and unveils its new Identity Web Services Framework.

SAN FRANCISCO—The Liberty Alliance Project on Tuesday released a draft of its second-generation specification for federated identity management. In addition to the new spec, the alliance also unveiled its new Identity Web Services Framework, which lays out the components needed to build interoperable identity-based Web services.

Alliance members, speaking at a press conference at the here, said they are in discussions with officials from Microsoft Corp. about making the Liberty specifications interoperable with the Redmond, Wash., company's Passport authentication service.

"We're in talks about that now. It's something that our members have said is important to them," said Simon Nicholson, director of alliances and industry initiatives at Sun Microsystems Inc., in Palo Alto, Calif., and chair of the Marketing Expert Group in the Liberty Alliance.

The two main enhancements to the new specification are protocols that enable affiliations and anonymity. The affiliations functionality allows users to federate their identities with a selected group of affiliated Web sites. This is seen as a key piece of any identity management service.

The anonymity functionality enables users to give a Web site certain pieces of personal information without revealing their identity.

The final Phase 2 specification is due for release in the third quarter, following a public comment and review period.

The new Identity Web Services Framework (ID-WSF) comprises several separate features designed to give vendors and enterprises a road map for developing interoperable Web services. Among the key features are permission-based attribute sharing, an identity discovery service and security profiles.

The security profiles feature describes in detail the requirements necessary for privacy protection and assurance of the integrity and confidentiality of the messages. But probably the most important feature is the permission-based attribute sharing, which gives users the ability to share certain attributes and preferences with a given Web site. That site can then use that data to offer the user personalized services.

As part of the announcement, several of the alliance's members announced support for the Phase 2 specification in their products. Among those planning to deliver products that incorporate the spec are Netegrity Inc., Sun, Ericsson AB and Communicator Inc.

Search for more stories by Dennis Fisher.