Developers with the Bandit and Eclipse Higgins projects will demonstrate a new open source tool for authenticating users across multiple ID management systems at next week's RSA Conference in San Francisco.
The organizations have teamed up with a larger community of open source developers to create what they describe as a reference application that allows ID cards generated by one system to be used in another system. Specifically, the demonstration will show how the application can make cards generated from a Liberty Alliance-based ID system such as Novell Access Manager compatible with a non-Liberty Alliance system such as Microsoft Windows CardSpace program.
Mary Ruddy, project co-lead for the Higgins Project, said the goal is to bridge the gap between all the different islands of authentication that have popped up over time.
"Our goal is a more consistent user experience with ID management," she said. "There are so many different systems and needs out there and there will always be a heterogeneous environment of different technologies. Our goal is to bridge the gap between them."
Dale Olds, distinguished engineer with Novell, sponsor of the Bandit project, said such an application is necessary today because walls are crumbling between departments within organizations and between those organizations and the outside world.
"A person may move from a department where they are authenticated via Novell into a department where they are authenticated via Microsoft's technology," he said. The application would allow for that person's Novell-generated credentials to be used in the new department, even though a different ID management technology is in use.
Meanwhile, companies are increasingly engaged in partnerships where federated ID management is needed for the secure sharing of network resources. The Higgins-Bandit tool could make it easier for companies to federate with each other, Olds said.
Jamie Lewis, CEO and research chair of Midvale, Utah-based Burton Group, said the work Bandit and Eclipse Higgins is doing shows a lot of promise.
"There are two basic requirements for translating the potential of recent identity infrastructure developments into real-world benefits for users: interoperability and a consistent means of developing identity-aware applications," he said in a statement. "First, vendors must deliver on their promise to enable interoperability between different identity systems serving different needs. Second, developers need a consistent means of creating applications that leverage identity while masking many of the underlying differences in those systems from the programmer."
Both Microsoft and the Liberty Alliance, a consortium of vendors and users working to develop open federated identity standards for Web services, are enthusiastic about the upcoming demonstration using Web services to link Liberty Alliance protocols with non-Liberty identity access systems.