Microsoft prepares to join up with Liberty

Businesses may soon be able to offer customers a single sign on platform for secure Internet transactions, regardless of the...

Businesses may soon be able to offer customers a single sign on platform for secure Internet transactions, regardless of the architecture of a particular site.

Microsoft has indicated that its TrustBridge security model will in future work alongside the rival Liberty Alliance system to provide federated security between the two systems.

The Liberty Alliance last week announced its technical specification would be based on the Security Assertion Markup Language (SAML). Following the announcement a Microsoft spokesman said the company would also support some parts of the SAML standard.

SAML is a proposed specification for authentication and authorisation. It aims to deliver a set of rules for exchanging information between multiple Web access management and security products.

Building SAML into its security initiative is the first practical indication from Microsoft that it will support the Liberty Alliance architecture, as well as pushing its own Passport technology.

Other vendors are also looking at SAML. Peter Jopling, sales manager for Tivoli Security at IBM said SAML was the technology to bring together federated security. "Once it is ratified we will include it in our own products including Access Manager for eBusiness."

Novell is also giving its support to the standard. Lee Howarth, iChain product manager at Novell said the company's recently announced Saturn identity management system supports Liberty and, as a consequence, uses the SAML specification.

Mike Thompson, principal research analyst at Butler Group said: "The suppliers are clearly aiming to provide interoperability between Liberty and TrustBridge."

Without it, he said, it would not be possible to provide federated security between TrustBridge and Liberty.

This would mean customers signing on at a Web site using Liberty architecture would have to log on again to make secure transitions to a site based on Microsoft's TrustBridge technology.

Microsoft's support of SAML would allow a user to be authenticated through either Liberty or TrustBridge so the user would then only need to log in once.

Gartner analyst John Pescatore warned that there was still more talk than delivery surrounding interoperability.

In a recent paper on implementing single sign-on for a Windows/Unix environment within the enterprise, Pescatore said that while Microsoft has made statements about embracing SAML, "its actions to date indicate little progress toward doing so".

Pescatore advised users to limit their use of SAML for single sign-on in the event Microsoft eventually failed to support SAML in TrustBridge and other products.

Read more on Antivirus, firewall and IDS products