The federated network identity functionality Sun is offering holds the promise of making it easier to access Web and non-Web applications by providing for a single authentication to multiple applications, according to Sun.
Built on top of Sun ONE Directory Server, Sun ONE Identity Server integrates access management, delegated administration, directory, and federation services into a single product.
Sun's offering appears to be the first shipping product to support the Liberty specification, said Burton Group senior analyst James Kobelius. But to get critical mass for Liberty, other vendors will need to support it in their Web access management products as well, he added. That support is expected during the next year.
Liberty provides for a "circle of trust" among Web sites, said Kobelius. After a single sign-on, "the user can then log into any of the sites in that circle of trust and, transparent to him, he'll be logged into all the sites simultaneously without having to re-enter a user name or password," Kobelius said.
The identity server can play a role in the proliferation of Web services, said Sun's Andy Eliopoulos, director of business management for network identity at Sun ONE. Web services provide standard interfaces for system integration.
"The issue with Web services is the security around it," Eliopoulos said. Having an identity management mechanism "opens up obviously a huge opportunity to deliver Web services".
Centralised administration is provided in Version 6.0 for identities, policies, and services. Administrators can delegate administration to enable users to manage their own profile attributes.
Also featured in the product is continued support of SAML (Security Assertion Markup Language), enabling unification of logins within the corporate firewall, according to Sun. Version 6.0 also uses Java and XML to provide for federated identity management and increased security and privacy, the company said.
Single sign-on is provided for Web-based resources and centrally controlled access services. Authentication mechanisms supported include LDAP, RADIUS, X.509v3 certificates, SafeWord token cards and Unix platform authentication services, according to Sun. APIs in C, Java, and XML enable customisation and integration for policy, authentication, auditing/reporting, and client interfaces.
Sun ONE Identity Server 6.0 runs on Sun SPARC-Solaris systems. The company plans to port it to Linux systems, enabling it to run on various hardware platforms, in the latter part of this year, Eliopoulos said.
Sun ONE Identity Server 6.0 is priced starting at $10 per user, with a tiered volume discount available in which per-user costs decrease as more users are added.