Start-up tackles identity-as-service

The foundation for security and enterprise management

The mantra of the federation generation could be "no corporation is an island" and that's been taken as the marketing slogan for a new identity-as-a-service start-up called "GLUU."

GLUU was announced at the recent Sun-sponsored OpenSSO Community Day in San Francisco. According to GLUU CEO Michael Schwartz, "…organizations today are defined not only by their internal personnel, but by their communities: their essential suppliers, partners and customers. Traditional identity management solutions do not address the challenges of managing community identities. Failures in community identity management can lead to significant security problems, even where sophisticated authentication and authorization processes are in place."

So Schwartz brought forth GLUU, the identity solution for the "metaprise" (his term), defined as the enterprise (or other organization) plus the community of suppliers, partners, and customers essential to its success. That community can federate through GLUU quickly and easily. The "owner" of the community can define what user attributes are published in the community. Then each organization that chooses to join the community can specify which people within the organization should be published in this community.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

The mantra of the federation generation could be "no corporation is an island" and that's been taken as the marketing slogan for a new identity-as-a-service start-up called "GLUU."

GLUU was announced at the recent Sun-sponsored OpenSSO Community Day in San Francisco. According to GLUU CEO Michael Schwartz, "…organizations today are defined not only by their internal personnel, but by their communities: their essential suppliers, partners and customers. Traditional identity management solutions do not address the challenges of managing community identities. Failures in community identity management can lead to significant security problems, even where sophisticated authentication and authorization processes are in place."

So Schwartz brought forth GLUU, the identity solution for the "metaprise" (his term), defined as the enterprise (or other organization) plus the community of suppliers, partners, and customers essential to its success. That community can federate through GLUU quickly and easily. The "owner" of the community can define what user attributes are published in the community. Then each organization that chooses to join the community can specify which people within the organization should be published in this community.

The partners in the community need to install a virtual appliance that is GLUU's connector to the organization. The connection is fully SAML 2.0 compliant. Once the appliance is installed, you can create multiple communities that are independent of each other (or co-dependent or inter-dependent -- it's up to you). You could allow your suppliers' salespeople access to your inventory figures, or give your clients access to buying tools, for example.

From a privacy/security perspective, you only need to share precisely the data necessary for the task you're looking to accomplish.

There is no charge to use GLUU. Like many open source projects, the plan is to charge for services (installation help, maintenance and so on) somewhere down the road. Currently there is no easy installation service so a GLUU engineer will need to work with you to install the virtual appliance and connect it up properly to your identity datastore. In the future (once there's a user-friendly installation service) there'll be a charge for the hand-holding but for now that's free too.

GLUU might be just what you need to hold your cloud-based community together.

Read more about security in Network World's Security section.

Dave Kearns is a consultant and editor of IdM, the Journal of Identity Management.