SAML 2.0 Interoperability Testing
Liberty Alliance Announces Latest Companies Passing SAML 2.0 Interoperability Testing
Products from IBM, NEC, NTT and RSA Security Join Liberty's Growing List of Interoperable Identity Solutions
New York, NY, USA. November 21, 2005.
The Liberty Alliance Project, a global consortium for open federated identity and Web services standards, today announced that products from IBM, NEC, NTT and RSA Security passed interoperability testing at Liberty's recent conformance event. These companies successfully demonstrated that their products meet interoperability standards for Liberty Federation and join nearly seventy other identity products and solutions from multiple vendors that have now passed Liberty interoperability testing.
Liberty Alliance holds regular conformance events at varying locations around the world to test products for interoperability of Liberty identity specifications. After participating in a five-day testing event held in Tokyo earlier this month, IBM, NEC, NTT and RSA Security have demonstrated interoperability of products and solutions that incorporate Liberty Federation (Liberty ID-FF 1.2 and/or SAML 2.0) specifications.
"Liberty's Interoperable Program is about creating a global ecosystem of identity solutions that have been proven to work together in an open federated network environment," said Roger Sullivan, chair of the Liberty Alliance conformance program and vice president of business development for Oracle's Identity Management. "Since Liberty launched the program in 2003, identity products that have passed interoperability testing have been deployed extensively in a variety of industries and vertical market segments worldwide."
Liberty Alliance is the only global identity organization with a history of ensuring identity products from multiple vendors truly interoperate. Implementations must interoperate with at least two other vendor implementations through a series of tests designed to exhaustively exercise specification features in a real-world deployment setting. Symlabs and Trustgenix supported the testing by providing their previously validated Liberty Interoperable products and engineering resources.
Interoperability of products is a key factor in deploying and managing successful identity systems. Organizations specifying products that have met Liberty's requirements for interoperability can count on solutions that will deploy quickly and immediately interoperate with other Liberty-enabled identity solutions. This allows organizations to deploy open federated identity systems faster, more cost-effectively and on the widest possible scale.
"Only when identity products from multiple vendors interoperate will organizations be able to realize all of the benefits of wide-scale federation," said Timo Skytta, vice president of the Liberty Alliance. "We welcome products from IBM, NEC, NTT and RSA Security to the growing list of identity solutions that are helping organizations around the world deploy more successful identity solutions."
At the test event held in Tokyo, Japan, during the week of November 7-11, 2005, the following products and services demonstrated interoperability with one or more of the following Liberty Alliance specifications: Liberty Federation (Liberty Identity Federation 1.2 and SAML 2.0) specifications.
Products And Services Interoperability
IBM Tivoli Federated Identity Manager (FIM) provides a simple, loosely-coupled model for managing identity and access to resources that span companies or security domains. Rather than replicate identity and security administration at both companies, IBM Tivoli Federated Identity Manager provides a simple model for managing identities and providing them with access to information and services in a trusted fashion. For companies deploying Service Oriented Architecture (SOA) and Web Services, FIM provides policy- based integrated security management for federated web services. The foundation of FIM is trust, integrity, and privacy of data. Through this foundation of trust, integrity, and privacy, organizations can share identity and policy data about users and services versus replication identities and security policies locally. The sharing of trusted identities and policies is the key to delivering a richer experience for users navigating between federation sites. A federated model simplifies administration and enables companies to extend identity and access management to third-party users and third-party services. IBM Tivoli Federated Identity Manager (FIM) provides its rich federation functionality by supporting a number of standards and specifications including SAML, Liberty ID-FF, WS-Security, WS-Trust, WS-Federation, WS-Provisioning, XML Digital Signature and XML Encryption.
Liberty-Enabled Proxy (LEP) MODULE is a functional component of NEC Mobile Internet Platform (NEMIP). The LEP MODULE complies with Liberty ID-FF 1.2 LECP standard and manages the operations of Proxy, User Agent, Identity Provider and Service Provider in accordance with the Liberty-Enabled Client/ Proxy profile. This component also complies with SAML 2.0 ECP standard. With the LEP MODULE, NEC Mobile Internet Platform (which completes management of user information, content & services information, agent charging & billing, and flexible support for new features as the platform grows), can successfully provide ideal management services to mobile operators.
NTT's identity information sharing module (I-dLive) is an identity federation platform for subscribers of new broadband network services provided by NTT group companies. This module has achieved certification for SAML 2.0 OASIS Standard, ID-WSF 1.0, ID-FF 1.2 and ID-FF 1.1.
RSA Federated Identity Manager enables businesses to easily and securely share trusted identities between autonomous business units and with customers and partners. A standalone, standards-based solution that is ideal for heterogeneous environments and delivers tight integration with RSA SecurID two-factor authentication technology, RSA Federated Identity Manager offers greater collaboration and revenue-generation opportunities for organizations, and increases end-user convenience and productivity through seamless federated single sign-on to partner sites.
Liberty Alliance maintains a list of all products and services that have passed testing procedures at:
Supporting quotes from Liberty members participating in the Tokyo conformance event:
"We at Symlabs realize that customers looking to adopt Identity Management technologies need ongoing assurance that interoperability of products from different vendors is a top priority. This benefits the industry as a whole, since customers can be confident that they will be able to integrate our products into environments where some of the other vendors will be players as well. The Liberty Alliance SAML 2.0 certification program provides a high level of assurance to customers with respect to interoperability, a benefit not available with federated identity technologies from other sources." — Sampo Kellomaki, Chief Architect, Symlabs (http://www.symlabs.com)
"For the benefit of customers, Trustgenix is committed to helping establish an independent interoperability certification program that governs federation standards, and we believe the Liberty Alliance is the right organization to fill that role. Although Trustgenix achieved Liberty certification for its products earlier this year, we decided to participate in the recent Tokyo event in order to work with vendors who did not participate in the previous tests and lend our technical support to the Liberty Alliance Certification program." — Atul Tulshibagwale, CEO, Trustgenix. (http://www.trustgenix.com)
About the Liberty Interoperable Program
The Liberty Interoperable Program validates implementations of the Liberty Alliance standards for federated network identity and identity-based Web services. The program helps vendors, integrators and implementers ensure interoperability between Liberty-enabled solutions. Liberty Alliance recently expanded the program to include products and services implementing SAML 2.0. Vendors interested in participating in interoperability testing should contact Liberty Alliance at email@example.com. Liberty's Interoperable Program is open to both member and non-member organizations.
About the Liberty Alliance Project
The Liberty Alliance Project (http://www.projectliberty.org/) is a global alliance of companies, non-profit and government organizations developing open standards and business, policy and privacy guidelines for federated network identity. Federated identity offers businesses, governments, employees and consumers a more convenient and secure way to control identity information and is a key component in driving the use of e-commerce, personalized data services and identity-based Web services. Liberty specifications are deployed worldwide by organizations that include American Express, AOL, BIPAC, General Motors, France Telecom, Nokia, NTT and Sun Microsystems. Membership is open to all commercial and non-commercial organizations. A full list of Liberty Alliance members, as well as information about how to become a member, is available at http://www.projectliberty.org.
Liberty Alliance Communications
Tel: +1 718-263-1762 - New York
Tel: +1 908-251-1549 - Mobile
AOL IM: devcommruss
- "Security Assertion Markup Language (SAML)"
- "Liberty Alliance Specifications for Federated Network Identification and Authorization"
Prepared by Robin Cover for The XML Cover Pages archive.