RealTime IT News

ID Purveyors to Meet with Deployers - Object: Single Sign-on

Tired of remembering a daunting list of passwords and user names for virtually everything you do? IT administrators are, too. But the problem lies in more than just one identity system – it's partly that there are multiple ID systems that need to interoperate.

At a meeting later this month, the Concordia Project, an initiative aimed at enabling interoperability between competing identity metasystems, is preparing to host real-world scenario presentations by several large customers.

Concordia's September 26 meeting will be a follow on to the forum's June 26 meeting, where a small group of very large IT customers talked directly to the purveyors of ID metasystems, including Microsoft's CardSpace, Liberty Alliance, and OpenID, who were in attendance.

Whereas GM, Boeing, and the provincial government of British Columbia, Canada were among the presenters in June, this month's meeting will feature user case presentations from Chevron, the InCommon Federation and the State Services Commission of the New Zealand government, according to a statement from the Concordia Project.

The Concordia Project was first announced in February at RSA 2007, and the group has held three meetings since then, most recently in June. Like the last meeting, this one will be held in San Francisco, and the venue for the gathering this time will be the Digital ID World 2007 conference.

Key to the process is getting customers to describe their interoperability needs directly to the purveyors of the identity metasystems in an open forum.

"[The meetings are about] getting the actual end users out in front, bringing more focus on what's important for interoperability," Gerry Gebel, vice president and service director for Identity and Privacy Strategies at researcher Burton Group, told Internetnews.com "It injects the end-user perspective into the process," he added.

The idea of federation among ID metasystems is not new. Achieving so-called single sign-on across metasystems, however, has been elusive and often adversarial through the years. And while progress has been slow for Concordia so far, the initiative is less than a year old, Gebel points out.

One of the reasons the Concordia Project may succeed is due to the project's informality.

"The participants don't have to review a membership agreement [meaning] you don't have to send it to the lawyers six months in advance [which] really lowers the barrier to participation," Gebel added.

Eve Maler, a community leader in the Concordia Project and a technology director at Sun Microsystems agrees.

Part of the problem is that IT metasystem purveyors have to voluntarily work together to meet users' needs – this isn't a standards body, after all. So hearing from deployers of the technologies and getting their ideas as to how best meet their interoperability needs is paramount.

"Multiple ID systems are going to be here for a long time and mixing these systems is very difficult," Maler told Internetnews.com. "Concordia is an attempt to make a place where the various parties can come together," she added.