Liberty Alliance

From Wikipedia, the free encyclopedia

The Liberty Alliance, also known as Project Liberty, is a broad-based industry standards consortium developing suites of specifications defining federated identity management and web services communication protocols. These protocols are suitable for both intra-enterprise and inter-enterprise deployments. The initial Project Liberty specifications were for Federated Single sign-on based on SAML.

In the context of Liberty, single sign-on is the process whereby a user is able to log into a single account and request services from several services providers within a "Circle of Trust".

A distinctive feature of "Liberty" is the "federation" process. Instead of deciding what right each user has to access a Service Provider without re-authenticating, in "Liberty" it's the user who decides if she/he wants to access this service provider without re-authentication. The condition to enable this right is that the user must authenticate at an Identity Provider who is recognised by the Service Provider.

This makes "Liberty" a practical framework for identity management in the context of extended-Enterprise applications, where users typically entrust the management of personal data to the Enterprise.

However, other emerging approaches to digital identity management, such as the "blinded" data encryption technology of Credentica, promise to enable comparative improvements in user-centric privacy over current Liberty standards, enabling the user to mask their usage of personal data from the central Identity Provider as well as the Service Providers within each Circle of Trust.

It remains to be seen how the conflicting dynamics of the business incentives of customer "lock-in" on one hand (maintained by the requirement for users to trust the Identity Provider) and added-value provision to customers on the other (brought about by putting customers in full control of their own data) play out in determining whether and when Liberty embraces this more radical approach to user-privacy empowerment. Also relevant here are intellectual property issues, such as patent encumberance, around the relevant technologies (such as Credentica's), which may inhibit their take-up within standard technology architectures.

Contents 1 History 2 Functional architecture 3 Implementation 4 Affiliates and partners 4.1 Management board members 4.2 Sponsor members 4.3 Associates and affiliates 5 See also 6 References 7 External link

[edit] History

The Liberty Alliance Project was founded in September, 2001 out of a broad global partnership, led by Sun Microsystems. Initial founding and charter members of the project included: ActivCard, American Airlines, the Apache Software Foundation, Bank of America, Bell Canada Enterprises, Cingular Wireless, Cisco Systems, CollabNet, Dun and Bradstreet, eBay, Entrust, Fidelity Investments, France Telecom, Gemplus, GM, Global Crossing, i2, Intuit, Liberate Technologies, Nokia, Novell, NTT DoCoMo, Openwave, O'Reilly and Associates, RealNetworks, RSA Security, Sabre, Axalto, Sony Corporation, Sprint, Sun Microsystems, Travelocity, United Airlines, Verisign and Vodafone.

[edit] Functional architecture

The Liberty Alliance protocol defines a federative architecture, where each service manages a subset of user data (the user thus may have different accounts, one by service). However, each service shares the user data it owns with its partner services.

This approach has been developed to address the distributed user management problem, while each partner service has its own security policy. An example of application may be a network made of business web sites: they are independent from each other, commercially and organizationally.

[edit] Implementation

The Liberty Alliance specification led to various implementations, such as:

• Sun Java™ System Access Manager, a Java solution developed by Sun Microsystems ;
• Lasso (Liberty Alliance Single Sign On), a free library coded in C.

[edit] Affiliates and partners

[edit] Management board members

America Online France Télécom IBM Novell Sun Microsystems

Ericsson General Motors Intel Oracle Corporation

Fidelity Investments Hewlett Packard NTT RSA, the Security Division of EMC

[edit] Sponsor members

Active Identity Avatier Identity Management Software Bipac Prosperity Project Credentica Falkin Systems LLC General Services Administration MedCommons Inc. New Zealand Government State Services Commission Symlabs Telenor R&D Wave Systems

American Express Axalto (Gemalto) BMC Software Deutsche Telekom AG, T-Com France Government - Agence pour le Développement de l'Administration Electronique (ADAE) Kantega NEC Nokia Telefonica I+D VeriSign

Amsoft Systems Bank of America Computer Associates Diamelle Technologies, Inc. Fugen Solutions, Inc Livo Technologies NeuStar SmartTrust [1] Telefónica Móviles Vodafone

[edit] Associates and affiliates

• See the List of Liberty Alliance associates

Current membership

[edit] See also

• OASIS (organization)
• InfoCard
• YADIS
• Microsoft Passport Network

[edit] References

• Sun products to get a taste of Liberty - Cnet.com - February 7, 2002
• Sun sends forth first version of Liberty - Cnet.com - July 15, 2002
• A move toward open identities - Zdnet.com - September 26, 2001
• Sun reveals partners for online effort - ZDNet.com - September 26, 2001
• Industry Leaders To Form Liberty Alliance Project — Press Release

[edit] External link

• Liberty Alliance web site