Search /
Docfinder:
Advanced search  |  Help  |  Site map
RESEARCH CENTERS
SITE RESOURCES
Click for Layer 8! No, really, click NOW!
Networking for Small Business
TODAY'S NEWS
Security /

Baltimore Tech first to add SAML

Authentication specification promises to aid interoperability.

Today's breaking news
Send to a friendFeedback

By John Fontana
Network World, 04/29/02

Baltimore Technologies this week will release the first Web access-management software that features an emerging security protocol designed to support interoperable authentication services.

With SelectAccess 5.0, Baltimore is the first vendor to release an implementation of Security Assertion Markup Language (SAML). The company's major competitors, including Netegrity, Oblix, RSA Security and Open Network Technologies, also plan to implement the 1.0 specification before year-end.

Federation key to Web services
Kobielus on the importance of SAML

The first version of the protocol, which the Organization for the Advancement of Structured Information Standards is scheduled to ratify in June, is an XML framework for exchanging authentication and authorization credentials.

SAML can be used between any network security boundaries. It promises to allow interoperability between disparate Web access-management systems, which are used to control access to corporate networks. That should free IT executives from product lock-ins and cumbersome gateways, advocates say.

"Many enterprises say they want to provide Web single sign-on in a standard way that is vendor neutral, and SAML is important in enabling that to happen," says James Kobielus, an analyst with The Burton Group and a Network World columnist. "All these access management vendors know they need to have their products interoperate, so they are behind SAML."

The major vendors will hold a proof-of-concept test at The Burton Group's annual Catalyst Conference in July.

Kobielus warns that SAML won't realize its potential unless implementations of the specification are consistent across vendors' products. That is not always an easy task, as evidenced by initial troubles to get vendors' implementations of Lightweight Directory Access Protocol (LDAP) to work together.

SelectAccess 5.0 also features a new automatic configuration service for its validation engine and its plug-ins used to tie Web servers into SelectAccess. Configurations are stored in an LDAP-compliant directory and automatically pushed out to new validation engines or plug-ins. The company also has added reporting and alerting capabilities and support for wireless authorization.

SelectAccess 5.0 costs $20 per user for 1,000 users. It runs on Windows 2000 and NT, HP-UX 11, Sun Solaris 2.8, and Red Hat Linux 7.2.

RELATED LINKS

Contact Senior Editor John Fontana

Other recent articles by Fontana

OASIS SAML page
More info on the protocol.

Federation key to Web services
Kobielus on the importance of SAML. Network World, 4/29/02.

SelectAccess 5.0
Baltimore.com

Baltimore: www.baltimore.com

Put cybersecurity chief in DHS not the White House, Senator says 11/4/2009
US-CERT moves in with NCC, NCSC 10/30/2009
NSA to build $1.5B cybersecurity center near Salt Lake City 10/26/2009
Powered by Inform

NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!
New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE
Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.
* HOME    * RESEARCH CENTERS     * NEWS     * EVENTS

Contact us | Terms of Service/Privacy | How to Advertise
Reprints and links | Partnerships | Subscribe to NW
About Network World, Inc.

Copyright, 1994-2006 Network World, Inc. All rights reserved.