1 / 19

What is the Liberty Alliance ?

What is the Liberty Alliance ?. • A business alliance, formed in Sept 2001, with the goal of establishing an open standard for federated identity management • Global membership consists of consumer- facing companies and technology vendors as well as policy and government organizations.

thiery
Télécharger la présentation

What is the Liberty Alliance ?

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. What is the Liberty Alliance ? • A business alliance, formed in Sept 2001, with the goal of establishing an open standard for federated identity management • Global membership consists of consumer- facing companies and technology vendors as well as policy and government organizations tutorial_draft.pdf

  2. Goals : – Provide open standard and business guidelines for federated identity management spanning all network devices – Provide open and secure standard for SSO with decentralized authentication and open authorization – Allow consumers/ businesses to maintain personal information more securely, and on their terms tutorial_draft.pdf

  3. Open Interaction and Participation tutorial_draft.pdf

  4. ID-FF Concepts • Simplified Sign-On (aka Single Sign-On)Allows a user to sign-on once at a Liberty enabled site and to be seamlessly signed-on when navigating to another Liberty-enabled site without the need to authenticate again. • Single Logout provides synchronized session logout functionality across all sessions that were authenticated by a particular identity provider. tutorial_draft.pdf

  5. Key Concepts • Network Identity is the fusion of network security and authentication, user provisioning and customer management, single sign-on technologies and Web-services delivery. • Federated identity architecture delivers the benefit of simplified sign-on to users by granting rapid access to resources to which they have permission but does not require the user’s personal information to be stored centrally. tutorial_draft.pdf

  6. Federated Identity Lifecycle tutorial_draft.pdf

  7. Single Sign-on and Federation tutorial_draft.pdf

  8. IdP-initiated Single Logout tutorial_draft.pdf

  9. ID-WSF Concepts • Discovery Service enables various entities (e. g. Service Providers) to dynamically discover a Principle’s registered identity services. • Interaction Service protocols provide an identity service the means to obtain permission from a users. • Attribute Provider hosts a data service – such as ID-Personal Profile. tutorial_draft.pdf

  10. The Complete Liberty Architecture

  11. Interaction tutorial_draft.pdf

  12. Business Guidelines • Federated Identity cannot be successful based on technology alone. Also required are: • IT staff to manage and implement a set of specifications that cross several domains of expertise • A clean directory • Pre-existing agreements with others in a circle of trust • Detail major issues for federated identity interchange and trust relationships • Examine risk and liability in identity interchange • Identify success criteria for global and cross- company federation tutorial_draft.pdf

  13. Business Guidelines

  14. IBM/France Telecom Deployment • Create a single-sign-on network for France Telecom's 50 million cellular phone users • Subscribers can sign-on via mobile telephone or personal computer • Makes single-sign-on systems even more important, since logging into a network with a phone is much slower than using a PC's keyboard. • Applications that France Telecom hopes that it or its partners will supply include instant messaging, location-based services, games, online banking and e-mail

  15. AOL/D-Link Deployment • AOL Broadband subscribers use D-Link's wireless media player to play music from the Radio@AOL service on home stereos. • The media player uses the Liberty protocols to access Radio@AOL on behalf of a user • No need to login to AOL to use media player • AOL demonstrated the same service running over a Nokia handset at the 3GSM Conference this February

  16. Japan’s EduMart Deployment • Part of the e-Japan Policy Priority Program • Spearheaded by the Strategic Headquarters for the Promotion of an Advanced Information and Telecommunications Network Society • Brings rich educational content to students at more than 40,000 schools • Established an open interface • Built an educational content distribution network that will lead to a system in which both public institutions and private businesses can connect to interfaces and freely participate.

  17. County Land Document Recording Exchange • Deployment across Government and Industry Streamlines the land recordation process (thousands of counties and innumerable lenders/title companies each with separate systems and identities) • Establishes a strong foundation for an industry “Circle of Trust”

  18. NTT Software (available) (2004) PeopleSoft (available) Phaos Technology (available) Ping Identity (available) PostX (available) RSA (Q4) Salesforce. com (TBD) Sigaba (available) Sun Microsystems (available) Trustgenix (available) Ubisecure (available) Verisign (Q4*) Vodafone (2004) WaveSet (available) *Delivery dates being confirmed Product Support • AOL (announced) • Communicator (available) • Computer Associates (Q4*) • DataKey (available) • DigiGan (Q3*) • Ericsson (Q4) • Entrust (Q1 2004) • France Telecom (Q4 2003) • Fujitsu Invia (available) • Gemplus (TBD) • HP (available) • July Systems (available) • Netegrity (2004) • NeuStar (available) • Nokia (2004) • Novell (available)

  19. For More Information W W W. PROJECTLIBERTY. ORG www.oasis-open.org/committees/tc_home.php?wg_abbrev=security www-106.ibm.com/developerworks/library/ws-fed/ Contact me: Rebekah Metz metz_rebekah@bah.com

More Related