The cross-industry Liberty Alliance consortium has released its first set of open federated network identity specifications, designed to provide Internet users with single sign-on access to multiple Web sites within approved 'circles of trust'.
The Liberty version 1.0 specifications focus on interoperability between systems to enable opt-in account linking and simplified sign-on functionality. Vendors announcing plans today to deliver Liberty-enabled products and services include Communicator, Entrust, NeuStar, Novell, OneName Corporation, RSA Security and Sun Microsystems. The first products are expected to be available by end of 2002.
The Alliance was initially established as a bulwark against Microsoft's Passport system for Web identity management. The consortium, which includes all the major credit card companies, says it has recruited 26 new members in the past two months and received more than 100 inquiries from commercial and non-profit organisations after opening associate and affiliate level membership. New members joining the group include Aconite, CheckFree, Commerce One, PeopleSoft and Radicchio,.
In addition to the release of its version 1.0 specifications, the Liberty Alliance also released details of its next set of identity specifications already in development.
"Less than a year after the Liberty Alliance Project was formed, we've made solid progress in delivering a secure, technologically agnostic identification solution that can support a wide range of identity products and network devices," says Eric Dean, chairman of the Liberty Alliance Management Board and CIO of United Airlines.
The Version 1.0 spec allows businesses to connect heterogeneous systems in order to handle identification and authorisation in a more efficient and controlled manner. It enables federated opt-in account linking and simplified sign-on for businesses, consumers and employees on the Internet. As an example, a group of travel industry organisations implementing the Liberty specifications could enable their customers to move around the Web without re authenticating their identity.
Forthcoming updates to the specs are intended to enable organisations to share certain user information according to the permissions and preferences granted by the user. The Alliance also anticipates that the next set of specifications will enable organisations to link and extend their service offerings between selected partners and different circles of trust.