Baltimore Technologies this week will release the first Web access-management software that features an emerging security protocol designed to support interoperable authentication services.
With SelectAccess 5.0, Baltimore is the first vendor to release an implementation of Security Assertion Markup Language (SAML). The company's major competitors, including Netegrity, Oblix, RSA Security and Open Network Technologies, also plan to implement the 1.0 specification before year-end.
Federation key to Web services
Kobielus on the importance of SAML
The first version of the protocol, which the Organization for the Advancement of Structured Information Standards is scheduled to ratify in June, is an XML framework for exchanging authentication and authorization credentials.
SAML can be used between any network security boundaries. It promises to allow interoperability between disparate Web access-management systems, which are used to control access to corporate networks. That should free IT executives from product lock-ins and cumbersome gateways, advocates say.
"Many enterprises say they want to provide Web single sign-on in a standard way that is vendor neutral, and SAML is important in enabling that to happen," says James Kobielus, an analyst with The Burton Group and a Network World columnist. "All these access management vendors know they need to have their products interoperate, so they are behind SAML."
The major vendors will hold a proof-of-concept test at The Burton Group's annual Catalyst Conference in July.
Kobielus warns that SAML won't realize its potential unless implementations of the specification are consistent across vendors' products. That is not always an easy task, as evidenced by initial troubles to get vendors' implementations of Lightweight Directory Access Protocol (LDAP) to work together.
SelectAccess 5.0 also features a new automatic configuration service for its validation engine and its plug-ins used to tie Web servers into SelectAccess. Configurations are stored in an LDAP-compliant directory and automatically pushed out to new validation engines or plug-ins. The company also has added reporting and alerting capabilities and support for wireless authorization.
SelectAccess 5.0 costs $20 per user for 1,000 users. It runs on Windows 2000 and NT, HP-UX 11, Sun Solaris 2.8, and Red Hat Linux 7.2.
RELATED LINKS
Contact Senior Editor John Fontana
Other recent articles by Fontana
OASIS SAML page
More info on the protocol.
Federation key to Web services
Kobielus on the importance of SAML. Network World, 4/29/02.
SelectAccess 5.0
Baltimore.com
Baltimore: www.baltimore.com
Error 404--Not Found |
From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:10.4.5 404 Not FoundThe server has not found anything matching the Request-URI. No indication is given of whether the condition is temporary or permanent. If the server does not wish to make this information available to the client, the status code 403 (Forbidden) can be used instead. The 410 (Gone) status code SHOULD be used if the server knows, through some internally configurable mechanism, that an old resource is permanently unavailable and has no forwarding address. |
