Multivendor identity systems can work together, demo shows

CA, IBM, Microsoft, Novell, Oracle, VeriSign and others behind push for users to control identity information

San Francisco – A unique demonstration showed user-centric identity software from major vendors, start-ups, one-woman projects and open source hackers all working in concert to replace passwords with validated identity-card access to Web-based resources.

The two-hour interoperability demonstration hosted at the annual Burton Group Catalyst conference was co-sponsored by the Open Source Identity System (OSIS), which is a working group within the Identity Commons project to unite the leaders of open source efforts around digital identity.

The OSIS steering committee includes CA, Cordance, IBM, Microsoft, NetMesh, Novell, Nulli Secundus, Oracle, Parity Communications, Ping Identity, Sxip Identity and VeriSign.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

San Francisco – A unique demonstration showed user-centric identity software from major vendors, start-ups, one-woman projects and open source hackers all working in concert to replace passwords with validated identity-card access to Web-based resources.

The two-hour interoperability demonstration hosted at the annual Burton Group Catalyst conference was co-sponsored by the Open Source Identity System (OSIS), which is a working group within the Identity Commons project to unite the leaders of open source efforts around digital identity.

The OSIS steering committee includes CA, Cordance, IBM, Microsoft, NetMesh, Novell, Nulli Secundus, Oracle, Parity Communications, Ping Identity, Sxip Identity and VeriSign.

The demo’s intent was to show that emerging user-centric identity systems -- which put users in control of their own identity information -- can be federated and act as a universal identity mechanism for access to Web-based resources.

This identity layer is commonly known as the “identity metasystem” a term coined by Microsoft identity architect Kim Cameron.

But while the lofty goal of user-centric identity is still in the distance, Wednesday’s demonstration showed that it is obtainable.

The demonstration focused on technology that uses identity protocols OpenID, WS-*, and the Security Assertion Markup Language (SAML). While the user-centric identity model today is more closely aligned with consumer needs, corporate users see the technology as a potential means for handling some of their own federated identity issues.

“This seems to address a number of enterprise needs that we have,” said an IT architect for a Fortune 50 company he asked not be identified. “It could provide our community of company retirees with credentials that are better than a user name and password and that are more cost effective to manage and that are going to be more user friendly. It seems like a perfect model, so I am excited about that.”

But he said the key will be that all the different protocols interoperate – or better yet, get boiled down to one – because if they don’t, it will necessitate integration middleware that he said would make the technology less attractive because of added costs and management headaches.

The OSIS demonstration began to wash away some of those fears.

Participants included such groups as the Bandit Project, the Eclipse Foundation's Higgins Project, Internet2 Shibboleth Project, the Pamela Project, XMLDAP and SocialPhysics; and vendors BMC Software, CA, FuGen Solutions, IBM, Microsoft, NetMesh, Novell, Nulli Secundus, Oracle, Ping Identity, Sxip, VeriSign, and WSO2.

The room included 42 separate user-centric identity applications or projects sharing credentials and identity infrastructure to sign users into a photo-sharing Web site.

Independent developers Chuck Mortimore and Ian Brown were in the back of the room showing off their OpenInfoCard and Safari InfoCard browser plug-ins, respectively, in what they jokingly termed the “hippy section.”