NEW YORK - A consortium of the world's top financial institutions is sharing user directories so customers can enjoy single sign-on access across their Web sites in an effort that is shaping up to be a blueprint for emerging universal user identification standards.
Under a program called the Bond.Hub consortium, Credit Suisse First Boston, Goldman Sachs, JPMorgan Chase, Lehman Brothers, Merrill Lynch, Morgan Stanley, Salomon Smith Barney and UBS Warburg have created single sign-on capabilities for 15,000 mutual customers seeking fixed-income investments by joining customer identities stored in their respective directories - a concept known as federating.
With Bond.Hub, a user who signs in on one private bond site can cross over to another institution's private site, for which the user has an account, without having to enter a separate username and password. The hub operates in the background and synchronizes a user's identities from each institution, and brokers the exchange of encrypted security credentials.
While standards to support universal identities for use across the Internet are just beginning to take shape, Bond.Hub shows that federating authentication and authorization credentials can ease the burden of administering identities and access-control data for internal users and business partners. Today, companies often have to administer those accounts manually or delegate administration to partners, both of which are labor intensive and don't scale.
The proprietary Bond.Hub for federating identity is equivalent in concept to a proposed standard being developed by the Liberty Alliance, a consortium of corporations and vendors that released a specification in July for a Web-based universal identity.
The Bond.Hub effort also mirrors the goals of the Security Assertion Markup Language (SAML), an XML-based standard security protocol that the Organization for the Advancement of Structured Information Standards approved last week.
"Bond.Hub proves that the Liberty Alliance and SAML standards are not being defined in a vacuum," says James Kobielus, an analyst with Burton Group and a Network World columnist. "It's a proof of concept for federated identity with account linking and single sign-on. That's a core-use case for Liberty Alliance."
The Liberty Alliance specification, which incorporates SAML, seeks to establish a standard user authentication and authorization system that is valid across Web sites. Microsoft is working on a similar project with its Passport technology. Both projects will require not only a universal user identity but also standards for creating permissions and policies regarding access control, and contracts for spelling out obligations of trust and liability.
Bond.Hub is built on a hosted service from vendor Communicator, which uses its Hub ID product to link subsets of the user repositories of the eight bond houses. Former members of the electronic-commerce team at Salomon Smith Barney founded Communicator three years ago.
Rss FeedRss Feed
The Leader in Network Knowledge
Comment