Twelve Companies Earn Liberty Alliance Interoperable Mark in Conformance Test
Twelve Companies Earn Liberty Alliance Interoperable Logo at First Event to Test Identity Web Services Conformance
Denver, CO, USA. October 25, 2004.
The Liberty Alliance, the global consortium developing an open federated identity standard and business tools for implementing identity-based services, today announced products and services from 12 companies have earned the Liberty Alliance Interoperable mark in the latest Liberty-sponsored conformance test — the first event to test against the Liberty Identity Web Services specification ID-WSF 1.0. The Liberty Alliance continues to be the only organization to offer more than simple specification interoperability testing and officially validate Liberty Federation and Identity Web Services implementations in products and services.
Alcatel, Elios, IBM, NEC, Nokia, Novell, NTT, Oracle, Ping Identity, Sun Microsystems, Symlabs and Trustgenix have been awarded the "Liberty Alliance Interoperable" mark. Following a rigorous testing process, conformant products may display the Liberty Alliance's highest stamp of quality, which offers buying assurances to end customers that products are truly interoperable out- of-the-box, shortening deployment cycles, increasing productivity and saving costs.
"Participants are responding to market demand for validation of quality and assurance of true interoperability," said Roger Sullivan, vice-chair of the Liberty Alliance Conformance Expert Group. "The conformance program offers vendors and service providers the opportunity to respond to the customer mandate for products and services that have earned the 'Liberty Alliance Interoperable' mark."
The Liberty conformance program requires that each company successfully complete tests against scripts and scenarios prepared by the Liberty Alliance Conformance Expert Group and published on the Liberty Alliance website. As part of the testing, companies must demonstrate interoperability with at least two other randomly selected participants. The program requires repeated operation of the Liberty specification's core features in many combinations and sequences and in different roles and contexts common to real-world deployments. The federation testing reviewed federation establishment and termination, single sign-on, opaque name registration, affiliation, identity proxying and anonymous login. The identity web services testing reviewed authentication, service registration and update, service lookup, service invocation and interaction.
"Liberty is pleased with the rapid adoption of its Identity Web Services specifications, and the response of both members and non-members who want to assure the market that their products will interoperate with these specifications out of the box," said Donal O'Shea, Executive Director of Liberty Alliance. "Companies who have earned the 'Liberty Alliance Interoperable' mark report that customers more easily create partnerships, in part because displaying the mark delivers instant market credibility and assures rapid deployment."
At the conformance test event held in Tokyo, Japan during the week of October 11-15, 2004, the following products and services demonstrated conformance with the Liberty Alliance Identity Federation Framework version 1.1 and 1.2 (ID-FF1.1 and ID-FF1.2), and the Liberty Alliance Web Services Framework version 1.0 (ID-WSF 1.0):
Alcatel — The multi-protocol (HTTP, SIP, WAP, SMTP) Alcatel 5301 Proxy Platform provides a complete execution, management and development environment for Java proxy applications such as a service selection proxy and various enrichment proxies (e.g., location, profiling, access control proxy). It is also the foundation of the Alcatel 5311 WAP Gateway. Its Liberty Enabled Proxy module, built on Liberty Alliance ID-FF specifications, allows users to switch transparently from a secured and trusted federated service to another one. To enable this, the proxy platform acts as a LECP and performs the required Single Sign-On interactions with identity providers and services providers.
Elios — iCAP LEP 1.0 is a powerful and a high-performance Liberty-Enabled Proxy. Based on the ICAP technology, iCAP LEP enhances HTTP proxy or WAP gateway to support Liberty Single Sign-On and Authentication features. By respecting the Liberty protocols (Liberty ID-FF 1.1 and 1.2), iCAP LEP simplifies authentication process between Liberty Identity Providers and Service Providers. With no installation on the user devices, iCAP LEP is transparent for any browser embedded in mobile phones, PDA or computers. Efficient, modular, reliable and scalable, iCAP LEP can be easily integrated to enterprises and carriers architecture. iCAP LEP is an ELIOS product based on France Telecom patent and technology.
IBM — The IBM Tivoli Access Manager software family helps enterprises extend identity management to trusted partners. Supporting a rich set of standards, IBM Tivoli Federated Identity Manager extends enterprise user lifecycle management capabilities to trusted third-parties, simplifying identity and access administration. IBM's software implements a multi-protocol federation gateway with integrated management support for Liberty ID FF 1.1/1.2, SAML and WS-Federation. The added federation capability enables enterprises to quickly and securely integrate identity-driven transactions with their middleware and portal platforms.
NEC — NEC SECUREMASTER 4.1 is an identity and access management platform that provides secure federated identity and access policy solution for enterprises and customers through Liberty identity federation 1.2 protocols as well as SAML 1.1, enhancing its previous versions that have offered single sign-on capabilities for mission critical business. SECUREMASTER enables developers and integrators to easily and rapidly deploy web-based services that require secure interactions of private information such as authentication and authorization credentials among business partners on top of existing applications, with a small amount of adaptation costs. It is scheduled that SECUREMASTER 4.1 will be released at the end of March in 2005.
Nokia — The Nokia Web Services framework for mobile devices enables both identity and basic Web services, making the device a fully integrated part of the end-to-end Web services world. It has been designed to shield complexity from developers, making it suitable for a wide spectrum of Web services applications for both consumers and enterprises. The ease of application development, the identity-aware functionality, the high degree of automation and the standards-based approach make it a cost-efficient, user- and developer-friendly framework. Nokia Web Services framework for mobile devices is designed with the future in mind — additional functionality can be added as a plug-in.
Novell — Novell is developing a Web authentication/authorization product, code-named "Odyssey," that enables the secure federation of identity data through both the Liberty Alliance specifications and the SAML protocol. With this, customers will have one of the industry's first viable options for establishing trusted relationships with business partners based on open standards. It is scheduled to ship in the first half of 2005.
NTT — NTT's identity information sharing module is an identity federation platform for subscribers of new broadband network services provided by NTT group companies. This module has achieved certification for ID-WSF 1.0, ID-FF 1.2 and ID-FF 1.1.
Oracle — Oracle Secure Federation Services supports the full complement of Liberty ID-FF 1.1 and Liberty ID-FF 1.2 protocols, allowing customers to deploy Liberty Identity and Service Providers in a circle of trust. Oracle Secure Federation Services is a component of Oracle Identity Management — an integrated, scalable and robust identity management infrastructure.
Ping Identity — The Liberty ID-FF 1.1 .Net Toolkit Release 1.1 is an easy-to-use toolkit API for managing Identity Federation. It accepts all inbound Liberty Alliance version 1.1 protocol traffic, parses and validates it, and delegates high-level actions to customer-provided plug-in points to perform services such as account federation, de-federation and global logout. Additionally, the toolkit creates conformant outbound traffic. It provides single sign-on functionality that can be integrated into existing ASP.NET 1.x applications. This enables these applications with Liberty ID-FF 1.1 capabilities — allowing them to share user authentication credentials in a cross-domain manner with applications in other security domains.
Sun Microsystems — Sun Java System Access Manager 2004Q2 provides open, standards-based authentication and policy-based authorization with a single, unified framework for: securing the delivery of essential identity and application information, improving the user experience through single sign-on, and enabling trusted networks with partners, suppliers and customers. Java System Access Manager 2004Q2 is one of the first products to support federation standards, including both the latest Liberty Alliance specifications for Identity Federation and Identity Web Services as well as the SAML 1.1 specifications.
Symlabs — Symlabs Liberty Identity Manager, SLIM R2.4, is certified Liberty ID-FF 1.2 identity management server. Symlabs Liberty Identity Manager is a high performance LDAP proxy and virtual directory designed for carrier grade scalability. Symlabs Liberty Identity Manager's unique virtual meta directory approach enables customers to deploy federated identity services on existing databases and directories and to continue hosting legacy applications on the same platform.
Trustgenix — Trustgenix IdentityBridge is a full-featured federation server that supports all popular federated identity protocols, including Liberty and SAML. IdentityBridge has the broadest Liberty Interoperable Certification profile, including ID-WSF 1.0, ID-FF 1.2, and ID-FF 1.1. IdentityBridge gives customers a wide choice of cross-domain identity features such as provisioning, privilege management, and single sign on in heterogeneous environments and/or for web services applications. Trustgenix's turnkey solution complements and is non-disruptive to existing Identity / Access Management System deployments and homegrown single sign-on systems. It can be deployed in days and is ideal for seamless extranets, e-Government / e-Authentication, and bridging intranet identity islands.
Liberty Alliance maintains a list of all products and services that have passed the conformance testing procedures and can bear the Liberty Alliance Interoperable logo. Information is available at:
About the Liberty Alliance Conformance Program
The conformance program managed by the Liberty Alliance validates implementations of the Liberty Alliance standards for federated network identity. The program helps vendors, integrators and implementers ensure interoperability between Liberty-enabled solutions. Liberty Alliance will be offering additional conformance events, expanding to include products and services implementing Liberty Alliance's Identity Web Services Framework. Interested parties should contact Liberty Alliance at firstname.lastname@example.org for logistics and registration information. The program is open to both members and non-members.
About the Liberty Alliance Project
The Liberty Alliance Project (http://www.projectliberty.org/) is an alliance of more than 150 companies, non-profit and government organizations from around the globe. The consortium is committed to developing an open standard for federated network identity that supports all current and emerging network devices. Federated identity offers businesses, governments, employees and consumers a more convenient and secure way to control identity information in today's digital economy, and is a key component in driving the use of e- commerce, personalized data services, as well as web-based services. Membership is open to all commercial and non-commercial organizations.
If you are interested in seeing the full list of Liberty Alliance members or are interested in becoming a member, please visit us at http://www.projectliberty.org/.
Michael Barash of Ketchum PR
Prepared by Robin Cover for The XML Cover Pages archive. General references in "Liberty Alliance Specifications for Federated Network Identification and Authorization."