Certificate authority banking consortium Identrus (www.identrus.com) has thrown its weight
behind a group of developing standards in the single sign-on movement by joining Web services interoperability group Liberty Alliance.
Identrus, which is made up of 60 global banks that work on policies and
frameworks for identity management in Web services
joins as a supporting member. With over 160 members, the Liberty Alliance
works to promote open standards in building federated network identity
platforms for Internet-based commerce and Web services.
As a new member of Liberty, Identrus said it would assist the
development
of global standards for identity authentication as part of the consortium’s
effort to create an open and interoperable standard for federated network
identity and identity-based Web services.
The move could help the alliance continue advancing its work in the SAML
exchange
authentication and non-repudiation information within a Web environment —
the development of which has long been a stumbling block in the Web
services
and single sign-on movement.
But SAML, an XML-based framework, is also one of several security-based
languages that are under consideration by the Organization for the
Advancement of Structured Information Standards (OASIS), which helps ratify
interoperability standards.
As previously reported, OASIS is currently working on version 2.0 of the
SAML
security language after it ratified version 1.0 of SAML in November 2002.
At the same time, Microsoft and IBM are working on a separate identity
standard and OASIS has said it would consider all submissions to the next
version of SAML before version 2.0 is ratified.
Identrus’s membership in the Liberty Alliance, itself a vote for the
alliance’s security version, was not unexpected, given its moves in recent
months. In July, for example, a group of major banks including J.P. Morgan
Chase and Citibank — which are also members of Identrus — issued
an opinion that endorsed the OASIS SAML and Liberty Alliance Identity Federation Framework v1.1 specifications as worthy of the needs of financial institutions in moving
to Web services.