Standards are needed to make sure user login information is retained when applications use services built with a service oriented architecture (SOA).
Eve Maler, one of the inventors of XML and a technology director at Sun Microsystems, said, "SOA needs federated identity management to allow multiple services to communicate."
One of the big benefits of SOA is it enables software developers to create business applications quicker and potentially of higher quality by using reusable components known as services.
In order for reuse to work, the end-user of the application must be granted security permission to use all the SOA services the application requires.
During her presentation at the Oasis ID Trust workshop running at the Burton Group Catalyst conference in Barcelona, Maler said, "An architecture is needed to enable multiple services in an SOA to communicate." She said a standard was needed for identity management to allow the application to run automatically without requiring the user to login individually to all the services.
She introduced Project Concordia, one of the standards initiatives attempting to solve the problem of creating a standard for identity managemement in an SOA. Members of the group include Boeing, Chevron, General Motors and the Government of British Columbia.
Maler said the project would be looking to tackle real world problems faced by companies like Boeing, which requires a single interface to support both outsourced services and internally developed services.
Members of the Project Concordia group are expected to present a draft specification at the RSA 2008 conference next April.