Securing Identity a Novell, Oracle Affair

With interest in secure single sign-on services reaching new heights, Oracle
and Novell unveiled new identity management products at the Burton
Group Catalyst Conference in San Diego.


Oracle revealed enhancements to its Oracle
Identity Management (OIM) product, including security features based on a
service-oriented architecture (SOA) model and improved federated identity
features from its stealth acquisition of Phaos Technology.


OIM secures user management across multiple applications and environments.
It includes the Oracle Internet Directory as well as security components and
services provided by Oracle Application Server 10g, including provisioning,
authentication and single sign-on. Phaos’ Centuris and Liberty Components
have become part of OIM.

Upilli Srinivasan, director of Oracle’s identity management and security
products, said the Phaos acquisition was a natural fit.


For one, Oracle had been closely partnered with the small company for three years. For another, Phaos had the technology Oracle felt it
needed to improve Web services security in its application server. It also
didn’t hurt that Phaos was a leading developer of the ID management
standards in the Liberty Alliance, which Oracle joined this week.


Just as Web services and SOAs promote
communications among disparate applications or technologies, OIM aims to
help companies access their business partners’ applications with safe
identity credentials.


With such ID management, daily business transactions can be conducted with
little fear of security threats. While the Web has been a conduit
for ID theft because of its wide open access, federated ID management will
make it easier for customers and employees to conduct business
electronically with a company and its partners.


In one enterprise scenario, when a new employee account is created in the
human resources database, that employee will be able to request access and
get authenticated to partner systems by requesting federation of their
identity information. Ideally, ID management software will immediately
provision the user account and enable single sign-on to the partner system.


ID management software is lucrative business, according to a recent
study by the Radicati Group. The research firm said sales in the identity
management software market will soar from $738 million worldwide this year
to $10.2 billion by 2008.


That’s a jump from last year’s research, which pegged the 2003 market size at $551 million growing to $5 billion by 2007. The new growth estimates could indicate that
the market is growing at a faster clip than users thought, Radicati
said.


The improved OIM solution is the latest step Oracle has taken to raise its
profile in the Web services market, a multi-billion-dollar enterprise where
security remains one of the biggest obstacles to widespread adoption.
Earlier this week, Oracle joined
the Liberty Alliance ID management standards group as a sponsor member.


The Redwood Shores, Calif., software maker said it plans to
contribute its expertise to propel the consortium’s ID-FF and ID-WSF
standards for identity federation. ID-FF is important because it does the
work of both directory and authentication services, allowing applications to
safely communicate with one another.


Meanwhile, software maker Novell Wednesday also trotted out its ID
management software, code-named Odyssey. Like OIM, Odyssey will help
businesses share ID information among business partners and systems.


Odyssey will let IT managers provide single sign-on authentication, policies
and management based on the Liberty ID-FF spec, allowing users to share
sensitive data without compromising privacy. But Novell said
that Odyssey is a cut above the rest.


“While current Liberty-enabled federated identity projects focus on sharing
identity information and require that users have accounts on each federated
system, Odyssey goes a step further by managing and provisioning user
accounts across each partner system,” the Provo, Utah, company said in a statement.


“When a user accesses a partner site where he does not have an account, he
will have the option to automatically provision a new account based on
information in the corporate directory that the administrator has deemed
relevant to that partner.”


Odyssey will provide proxy functionality so that when it is set up in front
of another server, it will provide Liberty or SAML support for
almost any application or service. As soon as the two servers exchange
agreed-upon metadata, identity information can be federated between systems.
Odyssey is expected to ship in early 2005.


In related news, security software maker Oblix rolled out Oblix COREid 7,
its latest identity management software, with new features for broader
employee management and regulatory compliance. So did Courion Corporation,
which rolled out version 7.0 of its Identity Management Suite (IMS).


Version 7.0 includes ComplianceCourier, which automates a broad set of processes for
organizations to achieve compliance with corporate policies and government
and industry requirements.
