RealTime IT News

Single Sign-On, The Java Way

Sun Microsystems ratcheted up its identity management portfolio by offering two new products that help corporations extend secure access to outside partners and suppliers.

Called Java System Federation Manager and Java System Identity Manager Service Provider Edition, the products allow customers to deploy ID management and user provisioning for applications and computer gear outside their intranets and firewalls.

The idea is to allow partners access to specific sites without letting them run roughshod over the network, peeking at any data they desire. This is a major change from the traditional method of walling off networks to partners and customers.

Sun's approach could prove attractive to enterprises looking to extend distributed computing models, such as service-oriented architectures , outside their corporate networks. Large organizations such as telecommunications firms or financial services outfits could find such technology valuable as they handle millions of transactions and customers.

Eric Leach, product management director at Sun, said Federation Manager allows users to set up and maintain passwords for single sign-on and Web services between several partners. Partners can use the tool to exchange authentication information, or connect identities across several sites.

The software supports Security Assertions Markup Language , Liberty Identity Federation Framework and Liberty Identity Web Services Framework standards, too. The tool can also integrate proprietary mechanisms, such as a Windows desktop.

Identity Manager Service Provider Edition provides identity administration tools that make it easy for businesses to deploy applications and services from third-party partners.

The product, which grants smooth data exchange in high-volume extranets, allows customers to replace less sophisticated and reliable identity management programs. The software can also automate the setup and management of federated accounts.

Leach said Sun crafted the new software to fill a market gap in terms of how partners were putting together federation on their side. Companies were creating too many one-to-one federated relationships instead of many-to-many exchange models.

"The ability to provision users and do delegated administration provided by Identity Manager Service Provider Edition is really unique in the market," Leach said. "There aren't a lot of capabilities out there to do that broad, federated provisioning across a bunch of different partners at the same time."

Leach said the products will likely be added to Sun's identity management product arsenal, which includes Java System Access Manager, Identity Manager, Identity Auditor and Directory Server Enterprise Edition. Federation Manager starts at $150,000 and Identity Manager Service Provider Edition will cost companies $300,000 to start.

Sun competes with IBM, Oracle, Computer Associates and a slew of other vendors in the identity management software space. Oracle and CA acquired Oblix and Netegrity, respectively, to shore up their federated ID assets. Sun and IBM choose to bake their ID management products in house.