Feeds

IBM, Microsoft and Liberty: together at last

In Software We Trust

  • alert
  • submit to reddit

Secure remote control for conventional and virtual desktops

ComputerWire: IT Industry Intelligence

A Sun Microsystems Inc-backed initiative on secure network identity has taken its first steps towards supporting a specification from Microsoft Corp and IBM,

Gavin Clarke writes

.

The Liberty Alliance Project this month had a presentation from VeriSign Inc, a co-author of WS-Security with Microsoft and IBM, with a view to including the XML-based specification in its own planned specifications.

The move signals an further easing of tensions between Palo Alto, California-based Sun and the industry-backed Liberty, and IBM and Microsoft, both absent from Liberty and pursuing separate security policies.

Liberty's interest comes after Sun agreed to endorse WS-Security's submission to the Organization for Advancement of Structured Information Standards (OASIS) last week.

That decision followed months of hostility between the vendors. Sun was apparently excluded from the formation of the Web Services Interoperability (WS-I) organization, which was backed by IBM and Microsoft.

Sun formed Liberty as Redmond, Washington-based Microsoft announced plans for a federated Passport. Prior to VeriSign's Liberty presentation this month, talks had taken place between Microsoft and Liberty members who were concerned both camps would develop specifications minus interoperability.

Bob Sutor, IBM's director of e-business standards, told ComputerWire he hoped Liberty would adopt WS-Security in its own specifications. A first set of Liberty specifications for a federated network single sign-on are due next month.

"We strongly hope Liberty will adopt WS-Security. The hope is that in time, the threads will come together to get a single standard," Sutor said.

A Liberty spokesperson said while members had received a presentation, an "official" analysis by a technical committee has not yet begun. "The Alliance will look at any open standards based technology for applicability within future versions of the Liberty Alliance specifications," the spokesperson said.

Sutor said last week's submission of WS-Security to OASIS could ensure other industry initiatives, such as Security Assertion Markup Language (SAML), also adopt elements of the specification. This would ensure SAML's XML-based security assertions work with WS-Security.

WS-Security provides a framework for different security assertions and certificates, such as SAML, Kerberos, 501 certificates and PKI. SAML has been developed at Oasis by 12 vendors including Baltimore Technologies Plc, RSA Security Inc and Novell Inc. Authors have developed a version that works with Simple Object Access Protocol (SOAP) and are already adapting this to work with WS-Security. The first public demonstration of SAML 1.0 is expected at the Catalyst Conference in San Francisco, California, on July 15.

Eve Maler, co-ordinating editor of the SAML specification, supported inclusion of WS-Security. "WS-Security has the potential for raising the security of web services security while SAML provides the guts. SAML is just one of the things WS-Security could wrap around it," Maler said.

One advantage of submitting WS-Security to Oasis will be the ability to flesh-out the basic specification. Sutor believes the existing specification is currently too generic in the way it integrates with assertions.

WS-Security is the first in a number of WS- specifications covering policy and trust, among other areas, proposed by IBM and Microsoft. No date is yet set for their submission to an independent standards body, although Sutor said policy level specifications would likely be next with specifications for federation following.

© ComputerWire

Next gen security for virtualised datacentres

More from The Register

next story
6 Obvious Reasons Why Facebook Will Ban This Article (Thank God)
Clampdown on clickbait ... and El Reg is OK with this
Banking apps: Handy, can grab all your money... and RIDDLED with coding flaws
Yep, that one place you'd hoped you wouldn't find 'em
No, thank you. I will not code for the Caliphate
Some assignments, even the Bongster decline must
Barnes & Noble: Swallow a Samsung Nook tablet, please ... pretty please
Novelslab finally on sale with ($199 - $20) price tag
Ballmer leaves Microsoft board to spend more time with his b-balls
From Clippy to Clippers: Hi, I see you're running an NBA team now ...
Video of US journalist 'beheading' pulled from social media
Yanked footage featured British-accented attacker and US journo James Foley
Primetime precrime? Minority Report TV series 'being developed'
I have to know. I have to find out what happened to my life
Broadband slow and expensive? Blame Telstra says CloudFlare
Won't peer, will gouge for Internet transit
Netflix swallows yet another bitter pill, inks peering deal with TWC
Net neutrality crusader once again pays up for priority access
prev story

Whitepapers

A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Maximize storage efficiency across the enterprise
The HP StoreOnce backup solution offers highly flexible, centrally managed, and highly efficient data protection for any enterprise.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.