Sun launches open source OpenSSO for identity management |
 |
By Neil Roiter, Senior Technology Editor, Information Security magazine
30 Sep 2008 | SearchSecurity.com |
|
|
Sun Microsystems' OpenSSO Enterprise is a major upgrade over its Sun Java System Access Manager predecessor and analysts say it's an intriguing open source model for major commercial products.
|
| Sun MicroSystems: |
Sun acquires Vaau for identity management: To better serve customers preoccupied with regulatory compliance and identity management, Sun has acquired enterprise role-management vendor Vaau.
Sun shifts strategy with GRC push: Sun Microsystems is making a move into the governance, risk and compliance market, ramping up the competition against Oracle, IBM, CA and others.
Security360: Identity management market: Analyst Mark Diodati describes the leaders of the identity management market; IBM's Joe Anthony explains Big Blue's strategy and Novell's Dale Olds on user-centric identity. |
|
|
|
|
OpenSSO Enterprise, announced today, combines access management, federation and secure Web services in a single product. It was built in collaboration with the OpenSSO project which is based on Access Manager code. The core components are available for download.
Sun Microsystems Inc. has staked a lot on its open source initiatives to enhance its stature in the development community, strengthen its offerings, and, of course, boost sales.
"I want to see how this conversation with practitioners around open source and downloading identity management as open source pieces translates into c-level conversations in the board room and actual sales," said Andras Cser, senior analyst at Cambridge, Mass.-based Forrester Research Inc.
John Barco, Sun's director of product management said OpenSSO represents the company's overall strategy for making all operating system software open source.
"As we gain more experience with putting open source projects on the market, we're hearing a lot from customers about why they are increasingly interested in vendors that offer open source products and software," Barco said.
He cited transparency about the product, the code and the development roadmap, so customers know what features are coming. In that vein, the new model will give customers the option of downloading fully tested product updates at three-month intervals, or wait for the full annual update release. Barco said the open source approach allows this kind of schedule, as the community participation helps vet new releases.
Forrester's Cser sees a lot of upside in the open source approach.
"If something is open source, you get a whole community feeling, a community buzz around the product," he said. "The features are one thing, but at the end of the day, you really want to have a developer community and commercially available implementation talent for software."
Accordingly, Cser thinks this model may open opportunities for Sun's system integrator channel, including partners like Deloitte & Touche LLP and Accenture Inc.
Open source aside, OpenSSO packs a lot more than the last Access Manager release:
Access management with an embedded directory server, OpenDS, so OpenSSO can be implemented without necessarily configuring or deploying a stand-alone directory. Barco said that OpenDS is purpose-built for embedded technologies and telcos; it's not meant to compete with or supplant the company's SunOne enterprise directory.
The federation is a hub-and-spoke architecture, the spokes being easy-to-implement packages called, somewhat cutely, Fedlets (reminiscent of Big Fix's Fixlets?). The architecture, Barco said, allows enterprises to create federation partners by simply sending a small (8.5 MB) Fedlet package. The partner adds the Fedlet to the appropriate container, filter or application to create a quick SAML 2.0-based relationship.
The Secure Web services component includes a security token service, which can also be deployed standalone to support third-party products.
|
|
|
|
