dcsimg
RealTime IT News

Novell Enters Identity Management Fray

Novell Monday began its play for the Web services directory services market by laying out its roadmap at the Burton Group Catalyst Conference 2002 in San Francisco.

Dubbed project Destiny, the roadmap defines Novell's directory releases for the next 18 months, beginning with a UDDI server scheduled for release later this year. Novell is betting that Destiny will allow it to capture a leadership position in secure identity management, a key component of Web services.

"As companies continue to deploy new applications and try to develop to emerging Web services, their networks are becoming ever more complex, making them difficult to manage, difficult to secure and a major drain on resources," said Chris Stone, vice chairman of the Office of the CEO for Novell. "This is complicated by the fact that some technology vendors are now forcing companies to upgrade existing systems whether or not it makes sense for the organization. Novell's vision for directories is radically different than anything anyone has ever done before, and it will truly eliminate this obstacle of complexity -- solving the identity, interoperability and security problems within current and future environments."

Project Destiny will focus on four areas: Web services, Dynamic Identity, Intelligent Infrastructure and Federated Trust.

The company's first planned release, a UDDI server built on Novell eDirectory, slots into the Web services area. The company said the offering will provide secure identity and access management to UDDI registries. It plans to follow up with native XML and SOAP support, building on the tools it gained through the recent acquisition of SilverStream.

Meanwhile, Novell's Dynamic Identity efforts are intended to allow directories to manage identities more fluidly, giving them the ability to represent identity based on the needs of the particular service they are serving. For instance, the company said a travel Web site may only need a stripped down representation of identity based on a user's company and frequent flyer number, while an accounting application would need more robust data, like a complete profile which includes the user's job role and budgetary constraints.

On the Intelligent Infrastructure front, Novell is working to integrate a policy engine with directory, giving the directory the ability to make decisions about data and relationships based on business rules.

Finally, in the Federated Trust aspect of the roadmap, Novell said it would use open standards like Secure Assertion Markup Language , or SAML, and specifications put forward by the Liberty Alliance, to enable the federation of security credentials. This, in turn, will allow businesses to securely integrate their networks with those of their customers, partners, employees and suppliers.

However, Novell is not alone in its quest to secure the identity management space. The Liberty Alliance, of which Novell is a member, was created in order to back standards for identity management, enabling federated trust and single sign-on capabilities. The Liberty Alliance has more than 40 members, including RSA Security, which created the SAML specification, and Sun Microsystems, which is making its own aggressive play for the market.

But other Web services players, including heavyweights like Microsoft and IBM, are working on their own solutions for federated trust and authentication, though Microsoft has put its plans to use Passport as a federated identity service on hold, it continues to put it forward as a software solution.