• United States

The real deal about IBM, Novell and Project Higgins

Mar 06, 20063 mins
Access ControlIBMNetworking

* A tempest in a teapot

You must have seen at least one of these headlines last week:

* “Project Higgins: IBM’s response to Microsoft InfoCard?”

* “IBM developing online ID system similar to Microsoft’s InfoCard”

* “Open Source Higgins Project Takes On Microsoft’s InfoCard”

* “IBM And Open Source Allies Prepare To Take On MS’ Infocard”

* “IBM Bucks Microsoft’s Infocard”

And my personal favorite “Passport’s heir gets open source competition”

The one thing they all had in common is that they were all wrong, misleading even. The Higgins Project (as you read here last fall) is a “framework to build user-centric, ID-enabled services.” InfoCard, on the other hand, is an application or services for the Windows platform enabling a user to plug their identity into what’s called the “identity metasystem,” a loosely defined, constantly morphing fabric allowing ID providers and ID consumers to transact ID activity in a secure, privacy-protecting way using the worldwide IP network.

It would be possible to use the Higgins framework to construct a service that participated in the identity metasystem, though it wouldn’t necessarily compete with Microsoft’s InfoCard but, rather, be complementary to it.

The flap all started when IBM and Novell issued a press release announcing that they would contribute software to the Higgins Project and that IBM would “incorporate Higgins technology within its Tivoli identity management software.” This is interesting, because Higgins really is a framework that allows developers to incorporate identity-based services into their applications. Hasn’t IBM already integrated identity into its applications?

The situation was further muddled by this quote in the press release from Tony Nadalin, distinguished engineer and chief security architect at IBM: “Open source ensures… that customers won’t be locked into a proprietary architecture when they adopt user-centric identity management systems.” Reporters and editors took that to be a direct slap at Microsoft. But, as Nadalin explained (via e-mail): “Joining this project was a direct result of customers coming to IBM wanting interoperability with Microsoft Infocards and IBM software (along with interoperability with other identity systems like SXIP, LID, OpenID, etc), so we needed a framework with service interfaces that would allow this to occur and IBM believes it’s best if this is done in an open source community.”

So no matter what the various technology scandal sheets are saying, no matter what “spin” people try to put on this, it boils down to IBM and Novell recognizing that they need a way to participate in the user-centric identity arena and choosing the well-established Higgins Project as their vehicle to do so. It really is a tempest in a teapot!