RealTime IT News

Liberty Frees Up Web Services Identity Specs

The Liberty Alliance Wednesday published the second phase of its specifications for its federated identity framework for Web services with founding member Sun Microsystems leading the way.

The systems vendor also announced the first five companies who are supporting the specs in its products, starting with itself. The other four are Sun, UK-based wireless carrier Vodafone, and security software companies Phaos, Ping and Trustgenix.

Whereas Phase 1 of the Liberty spec allowed secure single sign-on across disparate domains, the latest, Phase 2, expands on this capability to provide support for cross-domain attribute exchange and a foundation for Web services.

The alliance Wednesday released two Service Interface Specifications as precursors to the next leg of the Liberty process, including an ID-Personal Profile that defines a standard template for basic registration information so organizations have a common language to speak to each other. The second is an ID-Employee Profile that defines similar information for internal employees.

The end goal is to realize a federated identity architecture that will bring both efficiencies for employee identity management and create new revenue among business partners. Liberty's philosophy is rooted in its belief that users are increasingly looking to access the Web anytime, anywhere using many different devices such as PCs, kiosks, and mobile devices. Specs from Liberty aim to make it easier for vendors and service providers to build products and offer services that are compatible.

The news was announced at an interoperability event in Madrid for Liberty, which also aired a best practices "owners manual" to help Liberty implementers use the specs properly and the formation of a new group, the Services Group, to develop service interface specifications that exploit the Liberty Identity Web Services Framework.

Sun christened the Phase 2 specifications by supporting the single sign-on identity specs in a key component from the company's Java software for securing the identity of those using Web services on fixed or mobile computing machines -- Java System Identity Server.

Java System Identity Server uses role-based access control mechanisms to create and manage users, delegate user administration, and define the access policies for users on intranets and extranets.

Vodafone said it plans to deploy Phase 1 and Phase 2 Liberty standards in its intranet and commercial service platforms across Vodafone; software maker Phaos has created two J2EE server components packages using Liberty; Ping Identity plans to issue its open source SourceID Federation Platform in early 2004; and Trustgenix supports the Liberty Phase 2 standards with its IdentityBridge product.

Liberty Alliance President Michael Barrett, who doubles as vice president for privacy and security at American Express, said Liberty likes to think it is unique in an arena where Microsoft and IBM lead a standards body -- the Web Services Interoperability consortium (WS-I) -- looking to shepherd similar standards for secure Web services communications. However, though they may disagree about process, both Liberty and WS-I do employ open standards for their schemas, such as SOAP and XML.

Liberty is already working on the third leg of its phased roll out of federated Web services. For phase 3 of this endeavor, "Identity Service Interface Specifications (ID-SIS)," a new services group has been formed to develop interoperable service interface specifications that use the Liberty framework to address the needs of various industries, applications and business models.

Some early examples of Phase 3 include a contact book service interface, a common method for users to manage and share contacts regardless of contact book provider; geo-location service interface, or a way to automatically identify a person's location, at the user's request, to provide services like weather, news, travel or currency updates or directions to a chosen location; and a presence service interface as a common way for users to share presence information, such as whether they are online, offline, on the phone or in a meeting.

Gosling's New Java Job

In related news to the Java Enterprise System, Sun Microsystems Vice President, Sun Fellow and Java technology creator Dr. James Gosling will join Sun's Developer Platforms group as chief technology officer. The company said Gosling will work to migrate the Java and tools technology advances achieved by the Sun Labs team into the commercial space in his new position, demonstrating Sun's strong desire to penetrate the market with its Java software products.

Sun's standards-based application development environment, code-named Project Rave, focuses on the needs of corporate developers working in environments where Java technology is widely used. Sun Java Studio Enterprise; Sun Java Studio Standard; and Sun Java Studio Compiler Collection will fall under his purview.

Most recently, Dr. Gosling focused his time in the Sun Labs, leading a research team on advanced designs for software developer tools including refactoring methodology and pursuing advanced technology research initiatives such as Project Jackpot.

"Sun's developer tools and programs are essential elements to the enduring success of Java technology, and an integral part of the Java Enterprise System," said James Gosling. "Working with the Labs team over the years, we've designed concepts for improving the development cycle from end-to-end. I'm looking forward to bringing those ideas into the product set and to sharing Sun's passion for innovation with our customers and partners."