has formally joined the red-hot federated identity
fray, revealing new single-sign on software that helps enterprises safely
let users tap into their computer resources.
Tivoli Federated Identity Manager (FIM) allows users to set up accounts and
sign on to use internal and external services across a company and its
partner Web sites. Users on a FIM-based network don’t require another
user ID and password, which saves businesses the hassle of spending time
setting up additional accounts.
FIM also automates the creation and deletion of accounts, an important asset
when employees change companies and might still have access to
sensitive data from their previous employer. FIM eliminates the risk of ID
misuse by wiping out outdated user accounts.
IBM crafted FIM as a solution to a nagging problem in the sharing of
sensitive information. Because there is really no standard way for companies
to trust each other, they end up creating their own user accounts and
passwords. This can prove costly and expose user identities.
Federated identity software alleviates this burden, shepherding secure
transactions between companies or applications that don’t share a common
security architecture. Such technology is important in Web services
where applications must securely communicate and exchange information.
IBM, which joined
the federated ID group Liberty Alliance last fall, is a big believer in
bridging the communication gap between companies that need to share
information with affiliated parties.
The company said in a statement it expects federated identity products to
get a boost from the increase in the number of employees on the go who
require more mobile computing services. Businesses are also doling out more
remote access for suppliers and partners via corporate intranets, according
FIM, which supports Liberty, SAML, WS-Federation, WS-Security and WS-Trust
standards and specifications, builds on the Armonk, N.Y., company’s
successful Tivoli Access Manager software. Layer 7 Technologies, DataPower, Reactivity, Sarvega and VeriSign are working with customers to deploy software using FIM.
ZapThink analyst Jason Bloomberg said FIM differs from competing products
because it covers the gamut of federated ID needs: identity and access
management; single sign-on or federated user provisioning; and Web services
“There are few other products on the market that can lay the claim of being
so complete,” Bloomberg said. CA is currently integrating their eTrust and
Netegrity product lines, and the resulting suite will give IBM a run for its
“That being said, FIM is a substantial upgrade from Tivoli Access Manager,
and brings the Tivoli product line squarely into IBM’s SOA product roadmap.”
Other federated ID proprietors include Oracle, which bought Oblix, as well
as Trustgenix, Ping Identity, HP and BMC.