What about Shibboleth?

This open source effort seems confined to research environments for now.

< Back to Our federated future

The Liberty Alliance's standards aren't the only federation specifications that leverage and extend Security Assertion Markup Language 1.x. Another SAML-based federated ID management environment, called Shibboleth, has taken root among higher education and research institutions involved in the Internet2 project. About 40 U.S. campuses participate in the Shibboleth ID federation environment, which lets them leverage local logons for secure but anonymous access to information resources hosted at other institutions.

The Shibboleth community has built its federation environment on the OpenSAML code base. However, the community has defined many extensions to enable user anonymity, privacy protection and other features not supported in the core SAML 1.x standard. The Shibboleth project, which began developing its federation architecture four years ago, provides its code base on an open source basis. The project is entirely separate from the Organization for the Advancement of Structured Information Standards' Security Services Technical Committee (which defines SAML) and the Liberty Alliance. Unlike SAML and Liberty, there are no commercial products or services that implement the Shibboleth code base or specifications.

- James Kobielus

Insider Shootout: Best security tools for small business
Editors' Picks
Join the discussion
Be the first to comment on this article. Our Commenting Policies