Liberty Specs Lock Up Digital Devices


Liberty Alliance has released blueprints that will allow users to
manage identity information on handheld computers, laptops, printers and
televisions.


Called Advanced Client, the specs let programmers write software that will
safely store identity data on a device to make single sign-on, Web services,
authentication and user-controlled provisioning possible when the device is
connected to a network or offline.


Liberty, a consortium including AOL , HP ,
Intel and others dedicated to ensuring safe
Internet transactions, published the specs at a time when concerns about
managing online identities is at a boiling point.


New research from Gartner shows that
some 15 million Americans fell prey to some form of identity-theft fraud
over a one-year period ending in mid-2006. That’s more than a 50 percent
increase from the 9.9 million victims in 2003.


The rise in identity-fraud transgressions and data leak cases, such as T.J.
Maxx
, have elevated the ire of digital consumers and forced the U.S.
government to consider
creating new laws to govern Internet identity.


While OpenID, Microsoft’s CardSpace and Project Higgins are all addressing
secure identity management on Web sites, Liberty created Advanced Client to
assuage identity-fraud concerns at the client level.


Advanced Client specs include Trusted Module, which allows the client to
assert assurances on behalf of the authority issuing the identity in a smart
card or other token.


Service Hosting/Proxying (SHPS) technology in the specs allows a service,
such as a calendar or e-commerce profile, to be hosted on a client device,
such as a smartphone or laptop. Others may interact with the service when
the device is online or offline via a proxy based on controls established by
the user.

Advanced Client relies on Liberty’s core Web Services
(ID-WSF 2.0) specs, which support OASIS’ WS-Addressing and WS-Security
specifications.


For Liberty, the specs represent the third leg of Liberty’s work in
delivering increased identity management functionality to client devices.


In phase one, Liberty defined the Liberty Enabled Client/Proxy (LECP), which
supports federation operations as the Enabled Client/Proxy.


The Active Client, part of phase two, provides client-based Web services
functionality, single sign-on into Liberty Web Services and support for any
authentication model.


Work on phase four is under way: the Robust Client specs will support digital
identity relationships, mobility and strong authentication.

News Around the Web