IBM, Microsoft and several other leading software companies will, next week, announce a specification intended to help corporate users simplify identity management.
The proposed WS-Federation specification features a set of web services technologies intended to give developers a standard way of adding security capabilities to any web service they build.
The specification defines mechanisms that allow developers to manage and establish trust relationships across companies and domains using a variety of different types of security solutions, including support for federated identities.
"This will let companies tie their identity systems to each other in a way that lets them trade information back and forth about users and systems and then federate that data across the internet no matter what security infrastructure they are using," said Steven VanRoekel, Microsoft's director of web services.
By allowing corporate users with a variety of security solutions to interoperate, administrators can afford to authenticate a single employee just once, allowing that employee to work with web services available from his or her company as well as those of the company's business partners.
"What this will do is provide a way for trust relationships to be established," said Carla Norsworthy, director of dynamic e-business technologies at IBM.
"Users can carry out federate identity and not inconvenience users with remembering lots of passwords, [and] administrators can now do this on policy-based systems,'' she said.
Last year, IBM and Microsoft laid out a roadmap called "Security in a Web services World", which gave the framework of specifications for WS-Federation.
The WS-Federation specification builds on the foundation WS-Security, which includes WS-Policy, WS-Trust, and WS-SecureConversation. Together, these specifications are intended to enable a complete model of security functions for web services.
Ed Scannell writes for InfoWorld