Ping Identity Software Addresses ID Management

Targeting companies looking for more secure authentication systems, Ping Identity on Monday announced two products addressing identity federation and secure single sign-on (SSO).

PingFederate 4 is designed to let companies with linked networks have a single authentication point for users. The software includes role-based administration tools and logging capabilities for compliance, and supports clusters of geographically distributed servers, said Mike Donaldson, vice president of marketing for Ping Identity.

The software also supports four protocols used in sharing identity credentials: WS-Federation, security assertion markup language (SAML) 1.0, SAML 1.1 and SAML 2.0. Donaldson said about 60 percent of the company’s customers are implementing SAML 2.0, a specification ratified in February 2005.

Companies are increasingly looking to identity federation projects to reduce costs associated with password management and make it easier for users. For example, a company could allow those logged into its human resources website to be directed to retirement plan information hosted by a different company without re-entering their log-in and password.

PingFederate 4 is available for a free trial download that expires after six months or 100,000 transactions, whichever comes first, Donaldson said. Pricing varies, but one option allows the software to be used on any number of servers for up to 1 million transactions for US$30,000, he said.

PingFederate runs on Microsoft’s Windows servers and Linux, and will eventually be certified for Unix, Donaldson said.

Ping Identity’s second offering is SSO and user authentication server software for Web-facing applications.

PingLogin, which will ship in July, is middleware written in Java that allows various methods of strong identity authentication, such as the use of smart cards and biometrics, for access to applications.

In the past, companies have deployed proprietary log-in systems, and Ping Identity says its software streamlines identity verification and can quickly accommodate changes.

The software has an administration server used to manage a log-in server through a Web-based GUI. The log-in server can collect credentials from different types of devices, such as smart phones, using transport protocols such as HTTP, simple object access protocol and XML.

Once a user has been authenticated, a security token is created that allows access to other applications.

The initial market for PingLogin will be commercial banks, which are adopting stronger authentication methods, said Ryan T. Hunter, director of product marketing.

The software will ship in July and costs $100,000 per server with a two-CPU limit. It will run on Windows 2003 server and Red Hat Network 3.1.

-Jeremy Kirk, IDG News Service

Check out our CIO News Alerts and Tech Informer pages for more updated news coverage.