Liberty Alliance News

Liberty Alliance Announces Latest Companies Passing SAML 2.0 Interoperability Testing

noreply@blogger.com (Liberty Alliance Communications) — Wed, 24 Sep 2008 19:15:00 +0000

Liberty Interoperable Event Features Full-Matrix and eGovernment Profile Testing as Global Demand for Interoperable Identity Solutions Continues to Grow

New York, NY - September 24, 2008 - Liberty Alliance, the global identity community working to build a more trustworthy Internet for businesses, governments and people worldwide, today announced that products from CA; NTT Software; Ping Identity; RSA, The Security Division of EMC; and Ubisecure have passed Liberty Alliance SAML 2.0 interoperability testing. These vendors participated in the second Liberty Interoperable™ event to offer full-matrix and eGovernment profile testing managed by the Drummond Group Inc. Liberty Alliance and the Drummond Group will host a public webcast outlining the benefits full-matrix testing is delivering to the global identity industry at 8:00AM US PT (5:00 pm CET) on Tuesday, October 14, 2008.

“The Liberty Interoperable full-matrix SAML 2.0 testing program represents a new era in demonstrating how secure and privacy-respecting enterprise and user-driven identity-enabled applications can interoperate across devices, networks and regions,” said Brett McDowell, executive director, Liberty Alliance. “Identity products passing Liberty Interoperable SAML 2.0 full-matrix testing provide organizations with tremendous value because they have proven to interoperate with each other across a wide variety of real-world deployment scenarios.”

Liberty Alliance launched the Liberty Interoperable program in 2003 and since then nearly 85 identity products and solutions from vendors around the world have passed Liberty Alliance testing. During 4Q 2007, the program was expanded to include testing for the E-Authentication SAML 2.0 profile to support the US General Services Administration (GSA) mandate that vendors pass Liberty Alliance SAML 2.0 testing as a prerequisite for participating in the US E-Authentication Identity Federation. The 2008 event offered the most extensive testing scope to date and featured an updated eGovernment profile, new Service Provider (SP) and Identity Provider (IdP) requirements and a new multiple SP logout scenario.

In partnership with the Drummond Group Inc., Liberty Alliance enhanced the Interoperable program by incorporating Web-based full-matrix testing to meet growing global demand for interoperable, secure and privacy-respecting identity-enabled SAML 2.0 applications and services. The Web-based full-matrix testing allows vendors to participate from anywhere in the world with participants from the 2008 event located in Asia, Europe and North America. The Web-based approach also allows for more rigorous processes for ensuring products meet interoperability requirements for SAML 2.0 and the SAML 2.0 eGovernment profile.

During the testing period held from August 22 – August 29, 2008, the following products and services demonstrated interoperability based on a variety of SAML 2.0 conformance modes. A detailed list outlining what each vendor passed is available at iop.projectliberty.org.

CA - CA SiteMinder Federation Security Services r12.1 extends the Web single sign-on experience provided by CA SiteMinder Web Access Manager to applications and portals provided internally by other organizational business units or externally on the Internet by partners or application outsourcers. It enables a CA SiteMinder WAM-protected site to act as an identity provider, a service provider, or both and provides broad support of federation standards such as SAML and WS-Federation and leverages the scalability, reliability, and manageability capabilities of CA SiteMinder WAM.

NTT Software – TrustBind Federation Manager (1.1) delivers a complete, high-performance, carrier-grade SAML 2.0 solution in the form of a Java component module. With support for multiple operating systems and middleware platforms, TrustBind allows for fast and inexpensive deployments.

Ping Identity – PingFederate provides an organization’s users safe access to Internet applications without the need for repeat logins. Identity federation deployments that used to take six months or more now take days with PingFederate’s easy-to-use software. Over a dozen integration kits let PingFederate link to existing identity and application infrastructure. PingFederate 5.2 includes automated provisioning and advanced user access methods to support comprehensive SSO for Salesforce and GoogleApps™.

RSA, The Security Division of EMC – RSA® Federated Identity Manager v4.1 is engineered to enable enterprises to securely and confidentially share trusted user identities between disparate internal business units, customers, and/or partners. It is designed to help simplify administration and accelerate deployment timelines. RSA Federated Identity Manager v4.1 supports OASIS SAML 1.1 and SAML 2.0, OASIS Web Services Federation v1.0 (WSFED) and interoperability with Microsoft® Active Directory® Federation Services v1.0 (ADFS). The solution includes interoperability with numerous authentication authorities including Oracle® BEA Weblogic®, IBM® WebSphere®, Microsoft® Integrated Windows® Authentication (IWA) and Microsoft .NET™ technology. Partner configuration management is aided by a configuration dashboard and automated metadata exchange. ..

Ubisecure – Ubilogin SSO 5.0 is an efficient-to-deploy Single Sign-On, Access Control and Federation solution providing extensive Authentication and Authorization for Intranet, Extranet, Web Services and mobile applications. It provides efficiency and cost savings in identity management and integration with the innovative Identity Broker Engine (IBE) technology. Authentication is based on more than 20 mechanisms such as Mobile-PKI authentication, various Scandinavian bank-authentication services, One-Time Passwords over SMS and printed; and many more. Integration solutions are available out-of-the-box for a variety of platforms and applications, such as SAML SPs for Oracle WebLogic, Microsoft ASP.NET and Microsoft Sharepoint. Standards-based integration based on SAML, Liberty ID-WSF and WS-Federation. Ubilogin SSO is in use in various service provider, network operator, e-government and enterprise environments. Ubilogin SSO reduces application development costs, reduces operation costs and improves usability.

About the October 14 Full-Matrix Webcast
Hosted by Liberty Alliance and Drummond Group, Inc., the public webcast will highlight the benefits full-matrix interoperability testing is delivering to organizations and people. Participants will understand how to leverage products that have passed Liberty Interoperable full-matrix testing to more easily deploy successful SAML 2.0-based digital identity management solutions. More information and registration for the one-hour event is available at http://tinyurl.com/5yz9oo

About the Liberty Interoperable™ Program
Businesses, governments and organizations around the world are deploying SAML 2.0-based identity-enabled applications to protect identity data, deliver secure business services, help meet regulatory requirements and provide people with better protection against online fraud and identity theft. The ongoing success of the Liberty Interoperable program is demonstrated by the widescale deployment of Liberty-enabled products and the increasing number of businesses and governments now requiring vendors to pass Liberty Alliance testing. A list of all vendor products that have passed Liberty Alliance testing is available at http://projectliberty.org/liberty/liberty_interoperable/implementations

###

Aetna, Citi, Deutsche Telekom AG and UNINETT Digital Identity Case Studies Released

noreply@blogger.com (Liberty Alliance Communications) — Thu, 11 Sep 2008 16:47:00 +0000

Liberty Alliance released digital identity management case studies for Aetna, Citi, Deutsche Telekom AG and UNINETT this week. As winners of the 2008 Liberty Alliance IDDY (Identity Deployment of the Year) Award, the case studies outline the value open identity specifications and standardized business and policy frameworks from Liberty Alliance are delivering to organizations, communities and people around the globe.

All of the case studies are available on the Liberty Alliance website at http://projectliberty.org/liberty/news_events/iddy_awards. Congratulations to all of the winners of this year’s award!

Aetna, Citi, Deutsche Telekom AG and UNINETT Win 2008 Liberty Alliance IDDY Awards

noreply@blogger.com (Liberty Alliance Communications) — Thu, 17 Jul 2008 17:49:00 +0000

Today, Liberty Alliance announced that Aetna, Citi, Deutsche Telekom AG and UNINETT have won the 2008 Liberty Alliance IDDY (Identity Deployment of the Year Award). With three nomination categories, more submissions than any other year, and winning applications in the healthcare, financial services, telecom and open source sectors, the 2008 program mirrors the evolving identity landscape, recognizing established and up-and-coming enterprise solutions as well as the applications developed to serve communities and users.

Now in its third year, the IDDY recognizes identity-enabled applications built using open identity specifications and policy frameworks from Liberty Alliance. The entire press release detailing winning applications follows. Congratulations to this year's winners!

Aetna, Citi, Deutsche Telekom AG and UNINETT Win 2008 Liberty Alliance IDDY Awards

Identity-Enabled Applications in the Healthcare, Financial Services, Telecom and Open Source Sectors Receive Identity Deployment of the Year Awards

Liberty Alliance – July 17, 2008 -- Liberty Alliance, the global identity community working to build a more trust-worthy internet for consumers, governments and businesses worldwide, today announced Aetna, Citi, Deutsche Telekom AG and UNINETT have won the 2008 IDDY (Identity Deployment of the Year) Award. This year the judging panel awarded IDDYs in three categories covering Liberty-based deployments, Liberty-based emerging applications and multi-protocol identity-enabled solutions incorporating open identity specifications from Liberty Alliance. Winners will receive the IDDY Award on-stage at CSO Magazine’s Digital ID World 2008 conference in Anaheim CA on September 9. A photo of the Liberty Alliance IDDY Award is available at http://www.projectliberty.org/liberty/news_events/iddy_awards

“Now in its third year, the Liberty Alliance IDDY Awards recognize some of the best-of-the best enterprise and user-driven identity-enabled applications in the global marketplace today,” said Brett McDowell, executive director, Liberty Alliance. “Aetna, Citi, Deutsche Telekom AG and UNINETT are to be congratulated for demonstrating winning applications that enable organizations to deliver a variety of secure and more privacy-respecting identity-enabled services to communities, organizations and people worldwide.”

IDDY Award nominations are evaluated based on criteria that include the benefits applications deliver to users and organizations; the ROI the application demonstrates; and how the solution may successfully address identity issues such as reducing identity theft, meeting regulatory requirements or providing users with increased security and privacy protection. The program highlights identity-enabled applications that leverage any of the secure, privacy-respecting and proven interoperable Liberty SAML 2.0 Federation, Liberty Web Services (ID-WSF), Liberty People Service and Liberty Advanced Client specifications.

Representatives from winning organizations will participate in the "Case Studies and Stories from IDDY Award Winners" panel discussion to be held from 12:20 – 1:10 on Tuesday, September 9 at CSO Magazine’s Digital ID World 2008. All DIDW participants are welcome to attend the presentation with more information available at http://public.cxo.com/conferences/agenda.html?conferenceID=24

2008 Liberty Alliance IDDY Award Winners

Aetna – Aetna has received an IDDY Deployment Award for an externally hosted online provider portal used for linking healthcare providers with health plans. Working with NaviMedix, the portal includes a variety of tools including transactions and content hosted by Aetna with interfaces to third-party Internet Application Service Providers and Content Service Providers. The deployment was launched in the US in December 2007 and is currently utilized by healthcare providers in all 50 states.

Highlights – The application delivers seamless and secure single sign-on (SSO) capability into Aetna-hosted applications and identity-enabled transactions. This enables the use of applications without redevelopment, giving a common portal presentation to providers adding enablement of web service transactions within the federated context. Since deploying the application, Aetna has been able to increase its offering of tools and features that help providers conduct simplified administrative transactions, reduce paper-based communications, and access clinical decision support tools. The solution allows for the quick roll-out of new applications and services throughout the provider network.

Technologies – The application leverages SAML 2.0 for browser-based SSO, DSML for downstream identity provisioning, and Web Services Security for authorization and signature of entitlements. Requests and responses using X.509 certificates are scheduled for implementation during 3Q of this year.

Citi – Citi’s Global Transaction Services has received an IDDY Deployment Award for providing managed identity services that help institutional clients utilize digital credentials and signature technologies in a comprehensive and legally binding manner. Citi is both a Credential Service Provider and a Relying Party as defined in the Liberty Identity Assurance Framework (IAF). As a trusted financial services provider to the world’s top corporations and governments in more than 100 countries, Citi is addressing identity challenges in establishing trust in B2B and B2G identity-enabled transactions by coupling rigorous internal processes with proven identity management technologies.

Highlights – The goal of managed identity services is to create value for Citi clients including: greater visibility into the actions of authorized end users and their role as defined by internal processes; control and governance over the access and activities of end users; and assurance of identity, non-repudiation and document integrity to mitigate risk associated with sensitive business processes when transacting with business partners.

Technologies – The identity-enabled services Citi provides are dependent on technologies spanning the web (HTTP/HTTPS), web services (SAML, WS-Security, SOAP), PKI (Certificate Authorities, X.509, PKCS#7), strong authentication technologies (HSM, KSM) records management and entitlement management (XACML), identity platforms (RDBMS, LDAP), document formats (PDF, XML) and development platforms (.NET, Java).

Deutsche Telekom AG - Deutsche Telekom AG has received a Multi-Protocol IDDY Award for its identity application designed to lower implementation barriers when it comes to the delivery of Online/IP-based services to consumers. Initially launched in 2002 and winner of the 2006 IDDY Award, the application has been steadily enhanced to offer multi-protocol capabilities for service provider interfaces as well as for authentication methods and automatic user identification. The application serves the requirements of the mass market for Online/IP-based consumer applications by providing fundamental functionalities such as Single Login, Automatic identification, Single Sign On and Single Logout.

Highlights – With Deutsche Telekom AG serving as an identity provider, the application is a key business enabler for offering Online/IP-based services to Deutsche Telekom AG customers. The application ensures easy implementation of consumer services and shortens the time-to-market for new service offerings. It allows quick and cost-efficient link-up with partners using the identity standard protocol that fits best and reduces the complexity of the IT-architecture. The application provides consumers with a unique and consistent user-interface that is easy-to-use, transparent and secure.

Technologies – With the goal of tying a wide variety of Online/IP-based consumer services together by means of a common identity management user experience and to provide scenario-focused login methods, the application currently supports SOAP/XML, Secure Token Service, ID-FF 1.2, SAML 2.0, HTTP Basic and HTTP Digest, as well as different authentication methods. The underlying architectural guidelines make it possible to integrate further IDM protocols with the latest enhancements moving to provide preliminary support for OpenID 1.1, OpenID 2.0 and Microsoft CardSpace.

UNINETT – has received an Emerging Application IDDY Award for SimpleSAMLphp, an open source lightweight implementation of several federation protocols written in PHP. Free to download and available in 15 languages, simpleSAMLphp is a platform for quick implementation of emerging standards or identity-enabled proof-of concept (POC) applications. The software implements Web SSO, and can be applied in any deployment where users need to be authenticated to a World Wide Web Service.

Highlights – The simpleSAMLphp core is widely used in production deployments, providing a platform for use where the path from POC to production does not need to be long. With simple installation, configuration and maintenance, users save time, resources and money. The flexible solution integrates with existing systems and makes it easy to incorporate new emerging standards. Features such as the User Consent module give users more control and knowledge about the exchange of personal data when conducting online identity-enabled transactions.

Technologies – SimpleSAMLphp supports identity protocols such as SAML 2.0, Shibboleth 1.3 and WS-Federation. Experimental functionality is ongoing with several other protocols including OpenID, A-Select and PAPI.

About the Liberty Alliance IDDY Award
The Liberty Alliance IDDY Award recognizes digital identity deployments and the up-and-coming identity-enabled applications that incorporate identity specifications and policy frameworks from Liberty Alliance. Previous IDDY Award winners are eBIZ.mobility, EduTech, Deutsche Telekom AG, The New Zealand Government, NTT Labs, Rearden Commerce and the UK Government Authentication Gateway. Judges for the 2008 award include Bob Bragdon, Publisher, CSO Magazine; Michael Barrett, CISO, PayPal, Inc.; Michelle Dennedy, CPO, Sun Microsystems; John Fontana, Senior Editor, Network World; Gerry Gebel, VP & Service Director, Identity and Privacy Strategies, Burton Group; Paul Madsen, Liberty Alliance Technology Expert Group and Identity Standards Researcher, NTT; Roger Sullivan, president of Liberty Alliance and vice president Oracle Identity Management; and Robin Wilton, Liberty Alliance Public Policy Expert Group and Corporate Architect, Sun Microsystems. More information about the IDDY including links to case studies detailing previous winning applications is available at http://projectliberty.org/liberty/news_events/iddy_awards
###

Liberty Alliance Marks Policy and Privacy Milestone for Identity-Enabled Enterprise and Web 2.0 Applications

noreply@blogger.com (Liberty Alliance Communications) — Tue, 01 Jul 2008 20:31:00 +0000

Liberty Alliance Marks Policy and Privacy Milestone for Identity-Enabled Enterprise and Web 2.0 Applications

Release of IAF and IGF Drives Standardized Identity Assurances and Policy-Based Data and Privacy Protection across Identity-Enabled Applications and Networks

Liberty Alliance, the global identity community working to build a more trust-worthy internet for consumers, governments and businesses worldwide, today announced an industry milestone in driving trust and privacy into enterprise and identity-enabled applications based on the release of the Liberty Identity Assurance Framework (IAF) and the Liberty Identity Governance Framework (IGF). Today’s news is the result of the collaborative development of standardized frameworks and technologies designed to meet cross-industry requirements for policy-based security and privacy systems, with a focus on streamlining the establishment and management of identity and trust across user-driven applications and networks.

The IAF has been developed within the Liberty Identity Assurance Expert Group and public special interest group under the leadership of Frank Villavicencio, director, Citi Global Transaction Services and Alex Popowycz, vice president, Fidelity Investments. The IAF defines a global standard framework and necessary support programs for validating trusted identity assurance service providers in a way that scales, empowers business processes and fosters the deployment of identity federation networks, by standardizing four identity assurance levels and the related certification process for credential service providers. The protocol independent IAF makes it easier and more cost effective for organizations to link identity federations together based on a uniform definition of the security and privacy risks associated with each level of identity assurance. More information about the IAF is available by viewing today’s corresponding Liberty Alliance Releases Identity Assurance Framework press release.

The IGF has been developed within the global Liberty Alliance Technology Expert Group (TEG) and with open source implementation ongoing at OpenLiberty.org. IGF is the industry’s first declarative policy framework for managing identity flows within organizations motivated by regulatory requirements such as the European Data Protection Initiative, Gramm-Leach-Bliley Act, PCI Security Standard and Sarbanes-Oxley. IGF helps enterprises reduce risk associated with managing identity data by creating a standard for defining enterprise-level policies and controls for consumer consent for sharing sensitive personal information, including personally identifiable information. Such policies ensure that identity-enabled enterprise applications can be deployed and managed securely across enterprise networks. More information about the IGF is available by viewing today’s corresponding Liberty Alliance Announces First Release of Identity Governance Framework Components press release.

“With today’s announcements, Liberty Alliance is delivering on its promise to provide developers, system integrators and organizations in every sector with standardized business and policy frameworks to help build and deploy more trusted identity-enabled enterprise and user-driven applications,” said Roger Sullivan, president of the Liberty Alliance Management Board and vice president, Oracle Identity Management. “The Liberty Identity Assurance Framework and the Liberty Identity Governance Framework help organizations enable a variety of new business services by making it easier to address the business and policy pain points involved in managing identity relationships and user privacy across multiple identity systems.”

The release of the IAF and IGF provide organizations with a portfolio of solutions for driving policy into identity systems in order to better manage the many identity relationships spanning organizations and applications. The protocol independent IAF lays the foundation for establishing standardized identity assurances and the requirements an enterprise or group of enterprises should meet in order to obtain IAF certification. The IGF allows for the creation and updating of policy for protecting identity information and provides enterprises with tools for policy enforcement, decision explanation and auditing. The frameworks speed the advancement of interoperable and secure policy-based identity solutions across vertical markets and regions to better protect consumers against identity theft and fraud and to help organizations meet a variety of global regulatory requirements. The first versions of the IAF andIGF released today are available.

“Identity assurance makes user authentication meaningful. Without it, there is too much risk that the authentication has been compromised,” said Mark Diodati, senior analyst, Identity and Privacy Strategies, Burton Group. “Standards-based identity assurance definitions and attestation functions are particularly important for scalable federation environments, because organizations need a way to ensure that their partners’ identity assurance processes are commensurate with the security needs of the application.”

About Liberty Alliance
Liberty Alliance is the only global identity community with a membership base that includes technology vendors, consumer service providers and educational and government organizations working together to build a more trust-worthy internet by addressing the technology, policy and privacy aspects of digital identity management. Liberty Alliance is also the only identity organization with a history of testing vendor products for true interoperability of identity specifications. Nearly 80 products and identity solutions from vendors around the world have now passed Liberty Interoperable™ testing. Liberty Alliance works with identity organizations worldwide to ensure all voices are included in the global identity discussion and regularly holds and participates in public events designed to advance the harmonization and interoperability of CardSpace, Liberty SAML 2.0 Federation, Liberty Web Services, OpenID and WS-* specifications. More information about Liberty Alliance as well as information about how to join many of its public groups and mail lists is available at www.projectliberty.org.

OpenLiberty.org Presentation @ IIW 2008

noreply@blogger.com (Liberty Alliance Communications) — Tue, 13 May 2008 20:16:00 +0000

OpenLiberty Presentation @ IIW 2008– A Liberty Web Services (ID-WSF) environment based on OpenLiberty code bootstrapped through an OpenID Server

Asa Hardcastle’s OpenLiberty.org discussion at IIW shows real momentum by the OpenLiberty.org Community. Asa is presenting an ID-WSF environment based on OpenLiberty code that is bootstrapped through an OpenID server. Asa’s post is here with a call-out to watch for more developments over the coming weeks.

Liberty Alliance Privacy in an Online, Web 2.0 World Webcast Series

noreply@blogger.com (Liberty Alliance Communications) — Fri, 04 Apr 2008 20:36:00 +0000

Liberty Alliance announced its Privacy in Perspective webcast series this week. While the entire press release follows, the series is designed to highlight some of the privacy issues and potential solutions facing the industry and features Robin Wilton (April 19) and Phil Hunt (April 23), along with Byron Acohido and Jon Swartz (April 30), technology editors with USA Today reviewing highlights from their new book, Zero Day Threat. The events are open to the public with registration at http://www.projectliberty.org/liberty/news_events/webcasts

"The Privacy in Perspective series will raise awareness and drive new discussions about the many -- and all too often overlooked -- privacy issues facing users and deployers of Web 2.0 applications that require unnecessary disclosure of personally identifiable information," said Brett McDowell, executive director, Liberty Alliance. "The series reinforces the need for users to become educated about the identity information they share online, their options for avoiding such identity traps, and the policies organizations must have in place to ensure personal information is both respected and protected."

News Release

Privacy in an Online, Web 2.0 World Focus of New Liberty Alliance Webcast SeriesPublic Series Examines Risks and Potential Solutions for Solving Online Privacy Issues Spanning Enterprise and Web 2.0 Applications and Technologies WASHINGTON, April 2, 2008 /PRNewswire/ -- Liberty Alliance, the global identity consortium working to build a more trust-worthy internet for consumers, governments and businesses worldwide, today announced the 2008 Privacy in Perspective webcast series. The webcasts examine online privacy issues from both a consumer and enterprise perspective and present potential solutions for better privacy in the Web 2.0 world. Hosted by leaders in the technology, public policy and media sectors, the Wednesday, April 19, 23 and 30 webcasts begin at 8:00am US PT (3:00 UTC) and are open to the public.

High-profile privacy-related incidents in the private and public sectors continue to bring personal data management -- and the associated risks -- sharply to the forefront of public awareness. The Privacy in Perspective series has been designed to shine the expert's spotlight on some of the less visible privacy issues which lie behind those attention-grabbing headlines. The webcasts cover issues facing users of online services, social networking and Web 2.0 application providers, in an open format to drive discussions about how to solve these global challenges. Highlights from the agenda include:

April 16 -- Robin Wilton, Corporate Architect for Federated Identity, Sun Microsystems and co-chair of the Liberty Alliance Public Policy Group, will review findings and next steps from the ongoing series of global Liberty Alliance privacy summits which bring together a diverse set of privacy stakeholders from the commercial, academic, legal and public sectors. Published findings from the Liberty Alliance privacy summit series held so far are available at http://www.projectliberty.org/liberty/public_community/privacy_summits

April 23 -- Phil Hunt, Director Security Standards, Oracle Identity Management, and lead developer of the IGF open source project at OpenLiberty.org, will provide an overview of the privacy benefits of the Liberty Identity Governance Framework (IGF), a policy-based organizational framework being standardized within Liberty Alliance and implemented in open source at OpenLiberty.org to protect personal identity information (PII) within and across enterprise networks. An overview of the IGF initiative is available at http://projectliberty.org/liberty/strategic_initiatives/identity_governance

April 30 -- Byron Acohido and Jon Swartz, technology editors with USA Today, will review highlights from their new book Zero Day Threat, which discusses the immediate and long-term security and privacy risks associated with online transactions, social networks and Web 2.0 technologies. The Zero Day Threat prologue with input from the authors is available at http://zerodaythreat.com/

"The Privacy in Perspective series will raise awareness and drive new discussions about the many -- and all too often overlooked -- privacy issues facing users and deployers of Web 2.0 applications that require unnecessary disclosure of personally identifiable information," said Brett McDowell, executive director, Liberty Alliance. "The series reinforces the need for users to become educated about the identity information they share online, their options for avoiding such identity traps, and the policies organizations must have in place to ensure personal information is both respected and protected."

About Liberty Alliance and the Privacy in Perspective Webcast SeriesWith over 150 members from around the world, Liberty Alliance is the only global identity organization that includes technology vendors, consumer service providers and educational and government organizations working together to build a more trusted internet by addressing the technology, business and privacy aspects of digital identity management. Liberty Alliance works with identity organizations worldwide to ensure all voices are included in the global identity discussion and regularly holds and participates in public events designed to advance the harmonization and interoperability of CardSpace, Liberty Federation (SAML 2.0), Liberty Web Services, OpenID and WS-* specifications. The goal of the Privacy in Perspective series is to help assure an understanding and jump-start a dialogue about privacy implications surrounding various identity related technical solutions and deployments. Registration and a complete agenda is available at http://www.projectliberty.org/liberty/news_events/webcasts

###

openLiberty.org releases beta code

noreply@blogger.com (Liberty Alliance Communications) — Tue, 26 Feb 2008 13:09:00 +0000

Some exciting news for those following the open source developments of openLiberty.org. Check out Asa's post here and watch for more developments in 2Q

Liberty Alliance Launches Public Special Interest Group to Enable an Internationally Interoperable Healthcare Identity Management and Information Exch

noreply@blogger.com (Liberty Alliance Communications) — Fri, 22 Feb 2008 16:36:00 +0000

Global Interoperability and Patient Privacy Focus of New Liberty Alliance Health Identity Management Group

Orlando, Florida - Feb 22, 2008 – Liberty Alliance, the global identity consortium working to build a more trusted internet for consumers, governments and businesses worldwide, today announced the launch of a global public forum formed to develop an interoperable, secure and privacy-respecting information exchange system for the healthcare sector. The Liberty Alliance Health Identity Management Special Interest Group (HIM SIG) is leveraging the Liberty Alliance model of addressing the technology, business and privacy aspects of digital identity management to meet the unique identity management and regulatory challenges facing the international healthcare industry today.

Co-chaired by John Fraser, CEO, MEDNET USA and Pete Palmer, Security and Cryptography Architect, Wells Fargo, the group currently includes over 30 members from around the world representing the education, government, healthcare and technology sectors. Members are working to address how the healthcare industry will deliver secure identity management solutions that meet global regulatory mandates and ensure patient privacy. The public group is working closely with the Liberty Identity Assurance Expert Group to ensure requirements for standardized and certified identity assurance levels in the healthcare sector meet criteria established in the policy-based Liberty Identity Assurance Framework.

“Liberty’s proven interoperable technologies and standardized policy frameworks make it easier for healthcare organizations to protect sensitive data, meet compliance mandates and put patients in better control of their identity information, ” said Fraser. “The Health Identity Management group is a significant opportunity for individuals and organizations to come together and participate in the development of an interoperable, secure and privacy-respecting international healthcare exchange system.”

About the HIM SIGThe public HIM SIG expands the work of the Liberty Alliance eHealth SIG and is designed to foster collaboration among Regional Health Information Organizations (RHIOs), Health Information Exchanges (HIEs) and all organizations interested in driving an internationally interoperable healthcare identity management and information exchange system. The HIM SIG is working with healthcare organizations worldwide and leveraging the work of Liberty’s four global Expert Groups and numerous Special Interest Groups to ensure broad industry participation. Information about Liberty’s membership structure and Expert and Special Interest Groups is available at http://www.projectliberty.org/liberty/about/structure Information about the HIM SIG is available at http://wiki.projectliberty.org/index.php/Health_Identity_Management_SIG

Overview of Liberty Alliance Governance and Policy Frameworks Focus of March 10 Santa Clara Identity Management Workshop

noreply@blogger.com (Liberty Alliance Communications) — Wed, 20 Feb 2008 20:39:00 +0000

Public Workshop Details How to Implement Liberty Alliance Identity Specifications and Reviews Policy-Based Identity Assurance and Identity Governance Frameworks

Santa Clara, CA. Feb 20, 2008 – Liberty Alliance, the global identity consortium working to build a more trusted internet for consumers, governments and businesses worldwide, today released highlights of the agenda for its identity management implementation workshop taking place on March 10 from 9:30am - 5:30pm in Santa Clara, CA. The public event is for developers, system integrators and technical, business and policy teams interested in understanding how to implement Liberty’s open identity specifications and policy-based governance and privacy frameworks to build and deploy interoperable, secure and privacy-respecting identity systems.

The event features representatives from organizations deploying SAML 2.0 Liberty Federation and Liberty Web Services who will review deployment use cases and a step-by-step overview of how technology and policy issues have been addressed within the application. The workshop will include functionality overviews of Liberty’s open identity specifications, a session on the soon-to-be released open source code from openLiberty.org and updates on the policy-based Liberty Identity Governance Framework (IGF) and the Liberty Identity Assurance Framework (IAF). The event will showcase Liberty specifications used in a Software as a Service (SaaS) deployment and will include the industry’s first Data Portability and Identity face-to-face meeting.

“Organizations need to address technology, business and privacy issues if they are to more easily build and deploy successful digital identity management solutions,” said Brett McDowell, executive director, Liberty Alliance. “The March 10 workshop will provide participants with the technology and policy overviews they need to jump-start the process of building identity dependent applications that can interoperate with the growing number of Liberty deployments worldwide.”

About the March 10 Santa Clara Workshop
Located at the Sun Microsystems Santa Clara Campus, the workshop will overview the use cases for implementing Liberty standards and the gains that can be realized through implementation, providing a clear view on where to start, what to implement first, and what prerequisites need to be in place. The workshop will blend traditional presentations with interactive birds-of-a-feather (BOF) discussions, providing opportunities for participants to interact, network and understand the Liberty standards, governance and policy landscape. The agenda and registration is available at https://maa.projectliberty.org:443/ws/index.html

Liberty Alliance in Santa Clara on March 10

noreply@blogger.com (Liberty Alliance Communications) — Wed, 20 Feb 2008 00:12:00 +0000

Liberty Alliance, the global identity consortium, will hold a digital identity management implementation workshop in Santa Clara, CA on March 10. This public event is for developers, system integrators and technical, business and policy teams interested in understanding how to implement Liberty’s open identity specifications and policy-based governance and privacy frameworks to build and deploy secure and privacy-respecting identity systems. There is no charge to attend the workshop.

Registration and more information is available at https://maa.projectliberty.org:443/ws/index.html

Boeing Identity Federation Case Study Added to Liberty Alliance Web Site

noreply@blogger.com (Liberty Alliance Communications) — Tue, 19 Feb 2008 22:46:00 +0000

Liberty Alliance has updated its growing list of SAML 2.0 Liberty Federation and Liberty Web Services case studies with a new case study about Boeing’s identity federation. Boeing joins the 23 other organizations featured in Liberty Alliance case studies. It’s a good read about the benefits of federation and another good opportunity to point to the Liberty-based deployments worldwide.

Liberty Alliance Schedules Four Public Interactive Webcasts to Review and Finalize Identity Assurance Framework Criteria

noreply@blogger.com (Liberty Alliance Communications) — Wed, 13 Feb 2008 22:25:00 +0000

Consortium Releases Updated Version of the IAF as Organizations Worldwide Participate in Review and Development Process

Liberty Alliance – February 13, 2008 -- Liberty Alliance, the global identity consortium working to build a more trusted internet for consumers, governments and businesses worldwide, today released the latest version of the Liberty Identity Assurance Framework (IAF). Liberty Alliance is also announcing four public webcasts, each designed to review and gather industry input into primary sections of the IAF as the Framework moves to final during 2Q of this year. The latest version of the IAF is based on recent input from over 40 representatives from the global financial services, government, telecom, healthcare, system integrator and technology sectors and is available for additional review and comment at http://www.projectliberty.org/liberty/files/whitepapers/liberty_identity_assurance_framework_v1_0

The IAF is a policy-based organizational framework being developed collaboratively within the Liberty Alliance Identity Assurance Expert Group and corresponding public special interest group to advance trusted identity federations based on standardized and certified identity assurance levels. Each with a different moderator, the public webcasts will begin on February 20 when Common Organization Service Assessment Criteria will be reviewed, followed by Credential Management Service Assessment Criteria on March 5, Identity Proofing Service Assessment Criteria on March 12 and Certification/Accreditation Business Rules on March 26. All of the webcasts begin at 8:00am US PT.

“With the launch of the interactive webcast series, the global identity community has a significant opportunity to help drive the next phase of IAF development,” said Brett McDowell, executive director, Liberty Alliance. “Liberty Alliance encourages federation operators and all organizations planning to build or expand identity federations to attend the webcast events.”

About the IAF and IAF Webcast Series
Based on the Electronic Authentication Partnership Trust Framework derived from the NIST Special Publication 800-63 and now enhanced and updated by the Liberty’s IAEG, the IAF fills cross-industry requirements for baseline identity assurance policy standards for all public and private sector federations. The IAF defines four identity assurance levels based on a comprehensive set of process and policy criteria required to meet each level of assurance and goes on to define the standard assessment criteria, accreditation and certification rules for federating organizations to meet each of the four levels of assurance. Liberty Alliance expects to launch an identity assurance accreditation and certification program based on IAF criteria during mid-2008. Background and registration information for the four public IAF webcasts is available at http://www.projectliberty.org/liberty/news_events/webcasts

###

Upcoming.org – Liberty Alliance March 10 Santa Clara Identity Management Implementation Workshop

noreply@blogger.com (Liberty Alliance Communications) — Mon, 11 Feb 2008 23:11:00 +0000

"Liberty Alliance", the global identity consortium, will hold a digital identity management implementation workshop in Santa Clara, CA on March 10. This public event is for developers, system integrators and technical, business and policy teams interested in understanding how to implement Liberty’s open identity specifications and policy-based governance and privacy frameworks to build and deploy secure and privacy-respecting identity systems. There is no charge to attend the workshop.

The event features representatives from organizations deploying SAML 2.0 Liberty Federation and Liberty Web Services who will review deployment use cases and a step-by-step overview of how technology and policy issues have been addressed within the application. The workshop will include functionality overviews of Liberty’s open identity specifications, a session on the soon-to-be released open source code from openLiberty.org and updates on the policy-based Liberty Identity Governance Framework (IGF) and the Liberty Identity Assurance Framework (IAF). The event will showcase Liberty specifications used in a Software as a Service (SaaS) deployment and will include the industry’s first Data Portability and Identity face-to-face meeting. Registration and more information is available at https://maa.projectliberty.org/ws/index.html

Liberty Alliance Announces March 10 Santa Clara Identity Management Implementation Workshop

noreply@blogger.com (Liberty Alliance Communications) — Thu, 07 Feb 2008 20:30:00 +0000

Liberty Alliance Announces March 10 Santa Clara Identity Management Implementation Workshop

Understanding and Implementing Liberty Alliance Specifications and Policy-Based Identity Assurance and Governance Frameworks Focus of Public Event

Santa Clara, CA. Feb 4, 2008 – Liberty Alliance, the global identity consortium working to build a more trusted internet for consumers, governments and businesses worldwide, today announced a digital identity management implementation workshop taking place on March 10 from 9:30am - 5:30pm in Santa Clara, CA. This public event is for developers, system integrators and technical, business and policy teams interested in understanding how to implement Liberty’s open identity specifications and policy-based governance and privacy frameworks to build and deploy secure and privacy-respecting identity systems.

The event features representatives from organizations deploying SAML 2.0 Liberty Federation and Liberty Web Services who will review deployment use cases and a step-by-step overview of how technology and policy issues have been addressed within the application. The workshop will include functionality overviews of Liberty’s open identity specifications, a session on the soon-to-be released open source code from openLiberty.org and updates on the policy-based Liberty Identity Governance Framework (IGF) and the Liberty Identity Assurance Framework (IAF). The event will showcase Liberty specifications used in a Software as a Service (SaaS) deployment and will include the industry’s first Data Portability and Identity face-to-face meeting.

“Organizations need to address technology, business and privacy issues if they are to more easily build and deploy successful digital identity management solutions,” said Brett McDowell, executive director, Liberty Alliance. “The March 10 workshop will provide participants with the technology and policy overviews they need to jump-start the process of building identity dependent applications that can interoperate with the growing number of Liberty deployments worldwide.”

About the March 10 Liberty Alliance Santa Clara Workshop
Located at the Sun Microsystems Santa Clara Campus, the Liberty Alliance Workshop - Understanding Liberty’s Identity Technology Standards: Built for Today, Paving the Way to Tomorrow will discuss the use cases for implementing Liberty standards and the gains that can be realized through implementation, providing a clear view on where to start, what to implement first, and what prerequisites need to be in place. The workshop will blend traditional presentations with interactive birds-of-a-feather (BOF) discussions, providing opportunities for participants to interact, network and understand the Liberty standards, governance and policy landscape. The agenda and registration is available at https://maa.projectliberty.org/ws/index.html

Google, NTT and the US GSA Deploy SAML 2.0 for Digital Identity Management

noreply@blogger.com (Liberty Alliance Communications) — Thu, 07 Feb 2008 20:25:00 +0000

Google, NTT and the US GSA Deploy SAML 2.0 for Digital Identity Management

Organizations Worldwide Leverage SAML 2.0 Liberty Federation to Enable New Business Services, Help Meet Regulatory Requirements and Provide Users with Better Protection Against Online Fraud and Identity Theft

Liberty Alliance – January 29, 2008 – Liberty Alliance, the global identity consortium working to build a more trusted internet for consumers, governments and businesses worldwide, today released highlights of SAML 2.0-based digital identity management applications that are delivering real world value to users and organizations around the globe. These applications are among the many public and private sector deployments helping to drive a more secure and privacy-respecting internet identity layer across applications, sectors and regions based on SAML 2.0 standards.

“Virtually all federation efforts and almost all federation product vendors have built-in SAML 2.0 support,” said Gregg Kreizman, research director, Gartner. “Governments and enterprises planning new identity federations should base their implementations on the SAML 2.0 standards.”

Standard in Use in the Global Government and Public Sectors

With government organizations in The Americas, Asia, Australia and Europe building and deploying SAML 2.0-based identity applications, SAML 2.0 has become the standard of choice in the global eGovernment and public sectors. These governments are relying on SAML 2.0 to deliver a wide variety of new online services to citizens, help meet compliance mandates and to provide business and trading partners with a secure and trusted platform for conducting identity related transactions. A digital map and description of global eGovernment deployments based on SAML 2.0 Liberty Federation is available at http://projectliberty.org/liberty/adoption/egovernment/egov_world_map

“The beauty of the proven interoperable SAML 2.0 standard is that it has been developed with input from deployers and vendors of digital identity management solutions to support a broad range of online identity related transactions,” said Roger Sullivan, president of the Liberty Alliance Management Board and vice president of Oracle Identity Management. “From authenticating at social networking sites to enterprise, financial and government transactions requiring the highest degree of security and privacy protection, SAML.2.0 is providing the foundation for organizations in every sector to build and deploy successful digital identity management solutions.”

Cross-Industry Demand for Secure and Privacy-Respecting Digital Identity Solutions

The applications highlighted today are only a small sample of the hundreds of B2B and consumer-facing SAML 2.0–based deployments and proof-of-concept applications in the global identity market. These applications span vertical segments where users and deploying organizations demand the highest levels of security and privacy protection and proven interoperability is critical to managing wide scale digital identity management solutions. Liberty Alliance maintains a list of deploying organizations at http://www.projectliberty.org/liberty/adoption with highlights from the applications announced today including:

Google – Using SAML 2.0 allows Google's customers to treat web-based authentication to Google Apps™ the same way they treat authentication to their other services. "We're extremely happy with the number of products that natively support SAML, as well as the number of people available to help our customers use it," said Gabe Cohen, product manager, Google Enterprise. "We chose to support SAML because it provides immense flexibility as a robust standard and the security that our customers demand. Ultimately, we want our customers to make their own decisions about their security and authentication policies, and SAML makes it easy." For more information on Google Apps, visit www.google.com/a.

NTT - NTT has developed SASSO, a personal Identity Provider that enables users to single-sign-on to a PC and leverage the strong authentication capabilities of the mobile phone to conduct a wide range of secure identity-based transactions. SASSO uses the increasingly ubiquitous mobile phone as an Identity Provider (IdP) to allow users to access a Service Provider (SP). Once authenticated by their own mobile phone, the IdP on the mobile phone issues a SAML assertion signed by a private key and sends that assertion to SPs. The application drives strong authentication into online transactions and leverages the convenience and privacy capabilities of the mobile phone to allow users to better control their own identity information. A Liberty Alliance SASSO case study is available at http://projectliberty.org/resource_center/case_studies/ntt_sasso

“Our technology employs mobile phones and SAML 2.0 to strike the tough balance between security and privacy concerns on the one hand, and usability on the other—two necessities in the modern world,” said Dr. Kenji Takahashi, senior research engineer and supervisor, NTT Information Sharing Platform
Laboratories.

The US GSA E-Authentication Solution - Originally launched in 2002 as part of the President's Management Agenda, E-Authentication Solutions assists federal agencies in mitigating the security and privacy risks associated with e-government and helps control government costs associated with authenticating large numbers of end users. In October 2007, the US General Services Administration (GSA) announced that passing Liberty Alliance SAML 2.0 interoperability testing is a prerequisite for participating in the US E-Authentication Identity Federation. The decision by E-Authentication Solutions to have vendors pass Liberty Alliance SAML 2.0 testing recognizes the important role proven interoperability plays in advancing identity federations. More information about the E-Authentication Solution is available at http://www.cio.gov/eauthentication/

“E-Authentication Solutions wants federal agencies to be able to select the software that meets their unique business requirements while also delivering assurances that it will interoperate with other applications used within the Federation,” said Myisha Frazier-McElveen, Acting Program Executive, E-Authentication Solutions. “The US GSA is requiring vendors to pass Liberty Alliance SAML 2.0 interoperability testing to help ensure identity products can interoperate from day one and provide long-term business value to US Government Agencies.”

Source: Gartner, Inc. “The U.S. Government’s Adoption of SAML 2.0 Shows Wide Acceptance”, by Gregg Kreizman, John Pescatore and Ray Wagner, October 29, 2007

About Liberty Alliance
"Liberty Alliance" is the only global identity organization with a membership base that includes technology vendors, consumer service providers and educational and government organizations working together to build a more trusted internet by addressing the technology, business and privacy aspects of digital identity management. The Liberty Alliance Management Board consists of representatives from AOL, BT, France Telecom, HP, Intel, Novell, NTT, Oracle and Sun Microsystems. Liberty Alliance works with identity organizations worldwide to ensure all voices are included in the global identity discussion and regularly holds and participates in public events designed to advance the harmonization and interoperability of CardSpace, Liberty Federation (SAML 2.0), Liberty Web Services, OpenID and WS-* specifications. More information about Liberty Alliance as well as information about how to join many of its public groups and mail lists is available at http://www.projectliberty.org/

###

Google and Google Apps are trademarks of Google Inc.