NEW YORK - A consortium of the world's top financial institutions is sharing user directories so customers can enjoy single sign-on access across their Web sites in an effort that is shaping up to be a blueprint for emerging universal user identification standards.

Under a program called the Bond.Hub consortium, Credit Suisse First Boston, Goldman Sachs, JPMorgan Chase, Lehman Brothers, Merrill Lynch, Morgan Stanley, Salomon Smith Barney and UBS Warburg have created single sign-on capabilities for 15,000 mutual customers seeking fixed-income investments by joining customer identities stored in their respective directories - a concept known as federating.

With Bond.Hub, a user who signs in on one private bond site can cross over to another institution's private site, for which the user has an account, without having to enter a separate username and password. The hub operates in the background and synchronizes a user's identities from each institution, and brokers the exchange of encrypted security credentials.

While standards to support universal identities for use across the Internet are just beginning to take shape, Bond.Hub shows that federating authentication and authorization credentials can ease the burden of administering identities and access-control data for internal users and business partners. Today, companies often have to administer those accounts manually or delegate administration to partners, both of which are labor intensive and don't scale.

The proprietary Bond.Hub for federating identity is equivalent in concept to a proposed standard being developed by the Liberty Alliance, a consortium of corporations and vendors that released a specification in July for a Web-based universal identity.

The Bond.Hub effort also mirrors the goals of the Security Assertion Markup Language (SAML), an XML-based standard security protocol that the Organization for the Advancement of Structured Information Standards approved last week.

"Bond.Hub proves that the Liberty Alliance and SAML standards are not being defined in a vacuum," says James Kobielus, an analyst with Burton Group and a Network World columnist. "It's a proof of concept for federated identity with account linking and single sign-on. That's a core-use case for Liberty Alliance."