Open source ID projects link up with Microsoft

Higgins-Bandit groups develop a new open source tool that could make independent ID systems compatible with Microsoft Windows CardSpace program.

Developers with the Bandit and Eclipse Higgins projects will demonstrate a new open source tool for authenticating users across multiple ID management systems at next week's RSA Conference in San Francisco.

There are so many different systems and needs out there and there will always be a heterogeneous environment of different technologies. Our goal is to bridge the gap between them.
Mary Ruddy,
project co-leadHiggins Project

The organizations have teamed up with a larger community of open source developers to create what they describe as a reference application that allows ID cards generated by one system to be used in another system. Specifically, the demonstration will show how the application can make cards generated from a Liberty Alliance-based ID system such as Novell Access Manager compatible with a non-Liberty Alliance system such as Microsoft Windows CardSpace program.

Mary Ruddy, project co-lead for the Higgins Project, said the goal is to bridge the gap between all the different islands of authentication that have popped up over time.

"Our goal is a more consistent user experience with ID management," she said. "There are so many different systems and needs out there and there will always be a heterogeneous environment of different technologies. Our goal is to bridge the gap between them."

Dale Olds, distinguished engineer with Novell, sponsor of the Bandit project, said such an application is necessary today because walls are crumbling between departments within organizations and between those organizations and the outside world.

"A person may move from a department where they are authenticated via Novell into a department where they are authenticated via Microsoft's technology," he said. The application would allow for that person's Novell-generated credentials to be used in the new department, even though a different ID management technology is in use.

Meanwhile, companies are increasingly engaged in partnerships where federated ID management is needed for the secure sharing of network resources. The Higgins-Bandit tool could make it easier for companies to federate with each other, Olds said.

Jamie Lewis, CEO and research chair of Midvale, Utah-based Burton Group, said the work Bandit and Eclipse Higgins is doing shows a lot of promise.

"There are two basic requirements for translating the potential of recent identity infrastructure developments into real-world benefits for users: interoperability and a consistent means of developing identity-aware applications," he said in a statement. "First, vendors must deliver on their promise to enable interoperability between different identity systems serving different needs. Second, developers need a consistent means of creating applications that leverage identity while masking many of the underlying differences in those systems from the programmer."

Both Microsoft and the Liberty Alliance, a consortium of vendors and users working to develop open federated identity standards for Web services, are enthusiastic about the upcoming demonstration using Web services to link Liberty Alliance protocols with non-Liberty identity access systems.

Dig deeper on Open Source Security Tools and Applications

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close