RealTime IT News

Trustgenix to Provide SMBs Single Sign-on

Trustgenix, one of the few remaining pure-play makers of software that allows single sign-on access between companies, is reaching out to smaller businesses.

Called IdentityBridge Standard Edition (SE), the software provides federated identity management that lets large companies extend single sign-on to smaller firms that may not have the funds to buy new infrastructure.

Single sign-on services are helping to grease the wheels for Web services across disparate network infrastructure and multiple companies.

With IdentityBridge SE, large corporations can create a federation "hub" that will connect smaller suppliers, partners and customers as if they were all "spokes" on the same wheel, said Trustgenix CEO Atul Tulshibagwale. Businesses on the federated wheel can then call up and use Web applications as they need them.

"When you deploy single sign-on for employees, you're solving the problem for your internal sites but you're really not solving them for the external sites because each one of the external sites they visit will have their own single sign-on deployment and a password will be assigned to your users at the site," said Tulshibagwale.

He said a typical scenario of 20 single sign-on accounts in a wheel might consist of five internal and 15 external accounts.

Take the case of a supplier employee who leaves and joins a competitor, retaining extranet access that would let him look at the activities of other suppliers and gain an unfair advantage. This happens because while it is normal for an enterprise to shut down its internal accounts, businesses forget to follow suit for their external accounts.

IdentityBridge SE solves this problem because in a federated environment, users are authenticated to an employer. When the user leaves the organization, his credentials are lost internally, solving the problem of security breaches.

SE also offers one-step sign-off, which automatically logs users out of all applications when they're finished. The software also boasts automated user provisioning, which fetches user profile data and creates an account for first-time access. SE is also compatible with Computer Associates' eTrust software.

Designed to support Microsoft environments, SE installs on Microsoft Windows 2000 Server or higher, and uses a GUI-based wizard that integrates with Microsoft Active Directory and Microsoft IIS .

At $5,000 per site, SE is a lower cost, stripped down version of the company's IdentityBridge Enterprise Edition. The vendor also makes a carrier edition for telcos.

Gartner analyst Ray Wagner said products like SE will help companies with limited IT expertise join federation hubs, speeding the adoption of identity federation.

"The hub and spoke model is a standard way to create a 'community of interest'," Wagner said. "Any set of organizations wishing to share identity' information could implement this model, and it is a simple and elegant way to solve that problem."

Not everything is roses for the hub-and-spoke model. Wagner said many organizations do not have a pressing need for federation and the organizations who are good poster children for federation often have unsophisticated partners, requiring extra resources because they need help creating their part of the federation.

Trustgenix has navigated through a tumultuous market rife with consolidation. Computer Associates acquired Netegrity, HP acquired TruLogica, BMC bought OpenNetworks and Oracle acquired Phaos and recently made a play for Oblix. Ping ID and Trustgenix remain the last independent federated identity players, Wagner said.

Tulshibagwale said one of the key differences that sets Trustgenix apart is its endorsement of all of the key Web services federated identity and security standards, including all versions of SAML and Liberty specs. More poignantly, Trustgenix integrates with competing access control products from Netegrity, Oblix and RSA.