RealTime IT News

Liberty Specs Lock Up Digital Devices

Liberty Alliance has released blueprints that will allow users to manage identity information on handheld computers, laptops, printers and televisions.

Called Advanced Client, the specs let programmers write software that will safely store identity data on a device to make single sign-on, Web services, authentication and user-controlled provisioning possible when the device is connected to a network or offline.

Liberty, a consortium including AOL , HP , Intel and others dedicated to ensuring safe Internet transactions, published the specs at a time when concerns about managing online identities is at a boiling point.

New research from Gartner shows that some 15 million Americans fell prey to some form of identity-theft fraud over a one-year period ending in mid-2006. That's more than a 50 percent increase from the 9.9 million victims in 2003.

The rise in identity-fraud transgressions and data leak cases, such as T.J. Maxx, have elevated the ire of digital consumers and forced the U.S. government to consider creating new laws to govern Internet identity.

While OpenID, Microsoft's CardSpace and Project Higgins are all addressing secure identity management on Web sites, Liberty created Advanced Client to assuage identity-fraud concerns at the client level.

Advanced Client specs include Trusted Module, which allows the client to assert assurances on behalf of the authority issuing the identity in a smart card or other token.

Service Hosting/Proxying (SHPS) technology in the specs allows a service, such as a calendar or e-commerce profile, to be hosted on a client device, such as a smartphone or laptop. Others may interact with the service when the device is online or offline via a proxy based on controls established by the user.

Advanced Client relies on Liberty's core Web Services (ID-WSF 2.0) specs, which support OASIS' WS-Addressing and WS-Security specifications.

For Liberty, the specs represent the third leg of Liberty's work in delivering increased identity management functionality to client devices.

In phase one, Liberty defined the Liberty Enabled Client/Proxy (LECP), which supports federation operations as the Enabled Client/Proxy.

The Active Client, part of phase two, provides client-based Web services functionality, single sign-on into Liberty Web Services and support for any authentication model.

Work on phase four is under way: the Robust Client specs will support digital identity relationships, mobility and strong authentication.