Liberty Alliance Publishes SAML 2.0 Interoperability Testing Matrix
Liberty Alliance Announces First Companies to Pass Full-Matrix SAML 2.0 Interoperability Testing
November Liberty Interoperable Event First to Test Over the Internet and Against US GSA SAML 2.0 Profile Requirements
New York, NY, USA. Liberty Alliance. December 18, 2007.
Liberty Alliance, the global identity consortium working to build a more trusted Internet for consumers, governments and businesses worldwide, today announced that products from Hewlett-Packard, IBM, RSA (The Security Division of EMC), Sun Microsystems, and Symlabs, Inc. have passed Liberty Alliance testing for SAML 2.0 interoperability. These vendors participated in the November 2007 Liberty Interoperable event administered by the Drummond Group Inc. and are the first to pass full-matrix testing Liberty Alliance incorporated into its interoperability program this year. All of these vendors also passed Liberty Alliance testing against the US GSA SAML 2.0 profile, meeting the prerequisite interoperability requirements for participating in the US E-Authentication Identity Federation.
"The success of the Liberty Interoperable program is demonstrated by the wide scale deployment of Liberty-enabled products and the increasing number of businesses and governments now requiring vendors to pass Liberty Alliance testing," said Roger Sullivan, president of the Liberty Alliance Management Board and vice president of Oracle Identity Management. "Organizations worldwide are deploying SAML 2.0-based applications to enable secure new business services, help meet regulatory requirements and provide consumers with better protection against online fraud and identity theft."
Internet-based and Full-Matrix Testing Drives New Era of Proven Interoperability
Liberty Alliance continually enhances the Liberty Interoperable program to meet cross-industry demands for proven interoperable identity solutions. The November event was the first to conduct Internet-based and full-matrix testing. Internet-based testing allows vendors to participate in the same interoperability event from anywhere in the world. Full-matrix testing requires each vendor to test with every other participant to ensure testing mirrors real word identity federation interoperability requirements. The breadth and depth of these testing procedures provides deploying organizations with assurances that products have proven to interoperate with each other across the widest possible range of deployment scenarios.
During the Internet-testing period held from Oct. 1 - Nov. 30, 2007, the following products and services demonstrated interoperability based on a variety of SAML 2.0 conformance modes, including Identity Provider (IdP) and Service Provider (SP) test modes. A detailed list of what each vendor passed is available.
Products Passing SAML 2.0 Interoperability Testing
Hewlett-Packard: HP Select Federation 7.0
HP Select Federation 7.0 enables the comprehensive, cross-enterprise SSO and sharing of identity details through the concurrent support of all the major federation standards. HP Select Federation greatly reduces the effort and cost required to integrate multiple services and partnerships through the use of a federation router. The router effectively acts as an SP for any IDP that has a trust relationship with it, and acts as an IDP for any SP that has a trust relationship with it. Additionally, HP Select Federation includes integrated opt-in user privacy controls and end-to-end audit management capabilities, allowing organizations to meet corporate and regulatory privacy requirements.
IBM: Tivoli Federated Identity Manager, version 6.2
IBM Tivoli Federated Identity Manager (TFIM) delivers a versatile federated single sign-on solution that conforms to SAML, WS-Federation and Liberty ID-FF federation protocol standards and offers a modular web access management and web-services identity trust management for use in an SOA environment. Using IBM TFIM, customers can deploy a scalable federated single sign-on solution to integrate with their existing identity and access management infrastructure and connect with a diverse set of business partners or even different business units or security domains within an enterprise. With IBM TFIM, customers also can implement an "identity-aware" ESB to address the business-level challenges of security in an SOA environment.
RSA, The Security Division of EMC: RSA Federated Identity Manager 4.0
RSA Federated Identity Manager enables enterprises to share trusted user credentials securely and confidently. RSA Federated Identity Manager v4.0, the latest release, is designed to simplify administration and accelerate deployment timelines. RSA Federated Identity Manager v4.0 supports SAML 1.1 and 2.0, WS-Fed v1.0 and ADFS v1.0. The solution includes out-of-the-box integrations with numerous authentication authorities including BEA Weblogic, IBM Websphere and Microsoft IWA and .NET. Partner configuration management is aided by a configuration dashboard and automated metadata exchange.
Sun Microsystems: Sun Java System Federated Access Manager 8.0
Sun Java System Federated Access Manager 8.0 is the next release of Sun's access management and federation solution. Developed from the OpenSSO open source distribution (www.opensso.org), Sun's Federated Access Manager will provide comprehensive access management, federation, and web services security as modular components within a single Java application. Customers will be able to choose what components to deploy, while maintaining a single license and product. This product will be a key component of Sun's identity management portfolio.
Symlabs, Inc.: Symlabs Federated Identity Suite version 3.3.0
Symlabs Federated Identity Suite is a complete set of components with the flexibility to create an ideal identity management solution for nearly any environment. It includes a federation server with identity provider, service provider, and identity web services capabilities, plus client connectors, templates, samples, and a powerful built-in scripting language to build, integrate and customize identity management solutions in record time. Symlabs Federated Identity Suite can be tailored for service provider, network operator, or enterprise network deployments to create circles of trust, enhance existing systems with single sign-on/log-off, or roll out new identity-based services that make it safe and easy to use personal and business information in networked applications.
Organizations requiring products that have passed Liberty Alliance interoperability testing know that those products can be used together to deliver real identity management value to users, businesses and governments over the long-term. Since launching the Liberty Interoperable program in 2003, nearly 80 identity products and solutions from vendors around the world have passed Liberty Alliance interoperability testing. A list of all vendor products that have passed testing is available.
In addition to robust interoperability testing, Liberty Alliance holds public workshops to review SAML 2.0 profile requirements, such as those required by the US GSA E-Authentication Solution. All developers, system integrators and vendors are invited to attend these public events. More information about the Liberty Interoperable program is available.
About Liberty Alliance
Liberty Alliance is a global identity consortium with a membership base that includes technology vendors, consumer service providers and educational and government organizations working together to build a more trusted Internet by addressing the technology, business and privacy aspects of digital identity management. The Liberty Alliance Management Board consists of representatives from AOL, Ericsson, Fidelity Investments, France Telecom, HP, Intel, Novell, NTT, Oracle, and Sun Microsystems. The Liberty Interoperable program tests vendor products for true interoperability of Liberty Federation, which consists of ID-FF 1.1, 1.2 and SAML 2.0; Liberty Web Services, which consists of ID-WSF 1.0, 1.1, 2.0; and Liberty People Service specifications. More information about Liberty Alliance is available at www.projectliberty.org.
Contact
Russ DeVeau
Liberty Alliance
WWW: http://www.projectliberty.org
Tel: +1 508-487-6102, +1 908-251-1549
Email: russ@projectliberty.org
[source]
Prepared by Robin Cover for The XML Cover Pages archive. See also: "Security Assertion Markup Language (SAML)."