RealTime IT News

Big Blue Dips Into Federated ID

IBM has formally joined the red-hot federated identity fray, revealing new single-sign on software that helps enterprises safely let users tap into their computer resources.

Tivoli Federated Identity Manager (FIM) allows users to set up accounts and sign on to use internal and external services across a company and its partner Web sites. Users on a FIM-based network don't require another user ID and password, which saves businesses the hassle of spending time setting up additional accounts.

FIM also automates the creation and deletion of accounts, an important asset when employees change companies and might still have access to sensitive data from their previous employer. FIM eliminates the risk of ID misuse by wiping out outdated user accounts.

IBM crafted FIM as a solution to a nagging problem in the sharing of sensitive information. Because there is really no standard way for companies to trust each other, they end up creating their own user accounts and passwords. This can prove costly and expose user identities.

Federated identity software alleviates this burden, shepherding secure transactions between companies or applications that don't share a common security architecture. Such technology is important in Web services or service-oriented architectures (SOA) , where applications must securely communicate and exchange information.

IBM, which joined the federated ID group Liberty Alliance last fall, is a big believer in bridging the communication gap between companies that need to share information with affiliated parties.

The company said in a statement it expects federated identity products to get a boost from the increase in the number of employees on the go who require more mobile computing services. Businesses are also doling out more remote access for suppliers and partners via corporate intranets, according to IBM.

FIM, which supports Liberty, SAML, WS-Federation, WS-Security and WS-Trust standards and specifications, builds on the Armonk, N.Y., company's successful Tivoli Access Manager software. Layer 7 Technologies, DataPower, Reactivity, Sarvega and VeriSign are working with customers to deploy software using FIM.

ZapThink analyst Jason Bloomberg said FIM differs from competing products because it covers the gamut of federated ID needs: identity and access management; single sign-on or federated user provisioning; and Web services security management.

"There are few other products on the market that can lay the claim of being so complete," Bloomberg said. CA is currently integrating their eTrust and Netegrity product lines, and the resulting suite will give IBM a run for its money."

"That being said, FIM is a substantial upgrade from Tivoli Access Manager, and brings the Tivoli product line squarely into IBM's SOA product roadmap."

Other federated ID proprietors include Oracle, which bought Oblix, as well as Trustgenix, Ping Identity, HP and BMC.