• United States

Users demand single spec for ID mgmt.

Oct 20, 20033 mins
Access ControlIBMMicrosoft

Corporate executives are demanding convergence of competing federated identity management specifications, making the developers of those specifications feel the heat. But the standoff eventually could hurt end users.

DENVER – Corporate executives are demanding convergence of competing federated identity management specifications, making the developers of those specifications feel the heat. But the standoff eventually could hurt end users.

A federated identity management standard would let companies more easily share authentication, authorization and policy data across corporate boundaries as part of XML-based Web services deployments. The notion of identity, not only of end users but machines that share data, is thought to be key in adopting Web services.

Convergence of competing specifications from the Liberty Alliance, a consortium of 160 vendors and end-user organizations, and the partnership of IBM/Microsoft appears inevitable, experts say. But so far the two sides are making no promises while continuing to jockey for a leadership position.

“We are voicing our concern over this rift because we need interoperability, and if we continue with multiple standards we don’t get it,” said one executive with a Fortune 100 manufacturer who requested anonymity. “As a major customer of both IBM and Microsoft, and as a member of the Liberty Alliance, we think we can influence them over time, and we are encouraging other companies and our business partners to do the same.”

Liberty’s initial Identity Federation Framework, released last year, is available in more than 20 products, including products from Novell and Sun, and the group is well along with Phase 2 of its specification. However, critics say that phase, called the Identity Web Services Framework (ID-WSF), could spark further contention with IBM/ Microsoft.

Last week, the Liberty Alliance laid out the differences between its specification and IBM/Microsoft’s WS-Federation at the Digital ID World executive conference. The Alliance also announced a certification program and a merger with Radicchio, which developed a platform for mobile security.

“The ID-WSF starts to bleed into what IBM and Microsoft are doing, and there is much more potential for conflict,” says Jamie Lewis, CEO of research firm Burton Group.

The IBM/Microsoft tandem still is formulating its set of specifications, including WS-Federation and WS-Policy, under the WS-Security standard. The two also continue to work outside formal standards bodies, a fact that is causing many large companies to pressure the two to get on a standards track.

“Absolutely we are putting pressure on IBM and Microsoft,” says Tony Scott, CTO of General Motors, which is a member of the Liberty Alliance and in the process of deploying the technology. “We have a list of standards, and we will not use anything that is not compliant with that list. We are discussing with all sides a clear path for convergence. It is essential that the parties cooperate.”