Standards are needed to make sure user login information
is retained when applications use services built with aservice oriented architecture
(SOA).
Eve Maler, one of the inventors of XML and a technology director
at Sun Microsystems, said, "SOA needs federated identity management
to allow multiple services to communicate."
One of the big benefits of SOA is it enables software developers
to create business applications quicker and potentially of higher
quality by using reusable components known as services.
In order for reuse to work, the end-user of the application must
be granted security permission to use all the SOA services the
application requires.
During her presentation at the Oasis ID Trust workshop running
at the Burton Group Catalyst conference in Barcelona, Maler said,
"An architecture is needed to enable multiple services in an SOA to
communicate." She said a standard was needed for identity
management to allow the application to run automatically without
requiring the user to login individually to all the services.
She introduced Project Concordia, one of the standards
initiatives attempting to solve the problem of creating a standard
for identity managemement in an SOA. Members of the group include
Boeing, Chevron, General Motors and the Government of British
Columbia.
Maler said the project would be looking to tackle real world
problems faced by companies like Boeing, which requires a single
interface to support both outsourced services and internally
developed services.
Members of the Project Concordia group are expected to present a
draft specification at the RSA 2008 conference next April.