Skip Links

Send to a friend Feedback

What about Shibboleth?

This open source effort seems confined to research environments for now.

By James Kobielus, Network World
March 22, 2004 12:08 AM ET

Network World - < Back to Our federated future

The Liberty Alliance's standards aren't the only federation specifications that leverage and extend Security Assertion Markup Language 1.x. Another SAML-based federated ID management environment, called Shibboleth, has taken root among higher education and research institutions involved in the Internet2 project. About 40 U.S. campuses participate in the Shibboleth ID federation environment, which lets them leverage local logons for secure but anonymous access to information resources hosted at other institutions.

The Shibboleth community has built its federation environment on the OpenSAML code base. However, the community has defined many extensions to enable user anonymity, privacy protection and other features not supported in the core SAML 1.x standard. The Shibboleth project, which began developing its federation architecture four years ago, provides its code base on an open source basis. The project is entirely separate from the Organization for the Advancement of Structured Information Standards' Security Services Technical Committee (which defines SAML) and the Liberty Alliance. Unlike SAML and Liberty, there are no commercial products or services that implement the Shibboleth code base or specifications.

- James Kobielus

Read more about security in Network World's Security section.

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News