Microsoft, Sun Security Paths Diverge

The latest battleground for Microsoft and Sun is the identity management arena.

Identity management is rapidly becoming a new battleground for rivals Microsoft Corp. and Sun Microsystems Inc., each of which is committing support for different standards.

While Microsoft demonstrated new security and ID management services running together under the WS-Federation (Web Services Federation Language) specification just last week, Sun is planning to announce this week three new identity management products that will compete directly with Microsofts prized Active Directory.

The moves indicate a growing interest among enterprises to assume more control over their users personal information and whereabouts. To do it, Sun and Microsoft are expanding their technologies to include added support.

/zimages/5/28571.gifFor more on Microsofts moves, click here.

Suns trio of ID management products, due this week, will support the Liberty Alliance Project Phase 2 Specifications and SAML (Security Assertion Markup Language).

"It makes a lot of sense. Theyre streamlining what theyre doing," said Rick Wenban, director of information security at Caremark Inc., a pharmaceutical services company in Nashville, Tenn., and a Sun customer. "If we have the people and processes in place, their technology can take care of the rest." But the divergent paths of Sun and Microsoft, which showed off its latest ID management tools at its Tech Ed show in San Diego last week, could hinder adoption, Sun officials said.

"If one area of technology has three standards, it doesnt do anyone any good," said Sara Gates, director of product management for identity at Sun, in Santa Clara, Calif. "There are real and legitimate discussions with us and Microsoft about identity. Our next step is to drive convergence with WS-Federation."

Until then, users must side with one or the other. "This is an area that were in active discussions with Microsoft," said Tony Redmond, vice president and chief technology officer of Hewlett-Packard Co.s Consulting and Integration unit and the companys security technology lead, in Palo Alto, Calif. "A single standard reduces complexity for customers."

Suns new ID offerings

Identity Manager

User provisioning and meta-directory

Access Manager

Identity federation with SAML 1.1 and Liberty Phase 2 support

Directory Server

Central store for enterprise identity data

Like SAML and the Liberty specifications, WS-Federation is a framework for allowing identity management systems to interoperate by accepting security credentials.

/zimages/5/28571.gifFor insights on security coverage around the Web, check out Security Center Editor Larry Seltzers Weblog.

Suns new ID management offerings include Java System Identity Manager, Java System Access Manager and Java System Directory Server Enterprise Edition. The solutions represent the combination of Suns own technology with products the company gained in its acquisition of Waveset Technologies last year.

Identity Manager, Sun executives said, enables administrators to manage identity permissions and profiles and includes identity synchronization across various products. Access Manager gives users secure access to internal and Web-based resources and applications. Directory Server includes a proxy with failover and load balancing for directory environments. It also has password synchronization for Active Directory.

/zimages/5/28571.gifCheck out eWEEK.coms Security Center at for the latest security news, reviews and analysis.


Be sure to add our developer and Web services news feed to your RSS newsreader or My Yahoo page