Liberty Alliance, Microsoft Discuss Identity Protocols

The Liberty Alliance, a consortium working on policy and technology issues for identity management, is discussing with Microsoft how to reconcile their competing sets of protocols for secure Web transactions.

“We have finally put down the boxing gloves and are trying to figure out how to solve our customers’ problems,” said Roger Sullivan, the newly elected president of the Liberty Alliance and vice president of Oracle’s identity management section.

The Liberty Alliance, whose participants include Hewlett-Packard, Sun Microsystems and IBM, backs the ID-Web Services Framework (ID-WSF), a set of protocols for Web services. Microsoft supports another set, WS-Star.

The protocols are used for secure information exchanges over the Internet. Eventually, the standards will likely converge, Sullivan said. Microsoft has been “cordial” in discussions with the Liberty Alliance, he said.

“We believe the Web Services Framework from Liberty very well complements the WS-Star protocols,” Sullivan said.

But two sets of standards create problems for enterprises that may have already invested in infrastructure, and enterprises may delay identity projects because of confusion, he said.

“We have customers who have deployed WSF, and we need to help them reconcile the two standards stacks so when convergence happens, it will be logical,” Sullivan said.

Over the next year, that will mean working with vendors to ensure the transition is smooth and doesn’t jeopardize expensive software investments, Sullivan said.

The identity and access management field has been hampered in the past by competing standards protocols, according to a report released last month by analyst IDC.

However, with the protocol standards debate settling, IDC expects the revenue for identity technologies to rise from US$3 billion in 2005 to $5.1 billion in 2010.

A first step toward stability came in 2005, with the ratification of security assertion markup language (SAML) 2.0, an XML-based framework for exchanging identity information, IDC said. SAML 2.0 was backed by the Liberty Alliance and is now widely used in vendor products.

Standards-based secure Web transactions are seen as key to improving everything from the efficiency of how supply chains operate to simplifying authentication on multiple websites.

Organizations, however, are still working on the legal and liability issues surrounding the use of identity management technology. Sullivan said the Liberty Alliance will help by publicizing successful case studies.

Microsoft officials reached in London Wednesday morning could not immediately comment on the discussions.

-Jeremy Kirk, IDG News Service (London Bureau)

Check out our CIO News Alerts and Tech Informer pages for more updated news coverage.