- Cool Yule Tools: 2008 Holiday Gift Guide
- 10 kitchen gadgets for the geek gourmet
- Google admits to violating iPhone development terms
- Smartphone smackdown: Storm vs. iPhone
- Google layoffs: 10,000 jobs being cut
As an analyst, I often feel most validated when groups on both sides of an issue are equally upset about a presentation I've given. When in the past both Microsoft and Liberty Alliance complained about my positions on federated identity, I've taken the crossfire as proof that my point of view was balanced.
This year, however, Microsoft liked my presentation at Burton Group's Catalyst Conference, and Liberty Alliance seemed happy enough, as well. All the positive feedback had me wondering: What gives?
Something has changed for the better in the industry. In my speech I said, "The glass of identity interoperability is three-quarters full." Last year, a similar slide read "half full."
The difference today is that the interoperability of vendor products has exceeded anyone's expectations. This spring, when planning a multi-vendor and multi-protocol federation demo for Catalyst, I thought we would be lucky to find a few vendors with multi-protocol hubs to coordinate.
But in the actual demo, 14 identity-management vendors interoperated through multi-protocol hubs; translation and hybrid scenarios involved browsers and Web services. They simulated an "automotive value chain," where dealers and manufacturers use different federation protocols, showing interoperability between Liberty Alliance, Shibboleth, multiple versions of Security Assertion Markup Language (SAML ), WS-Federation Passive Profile, WS-Security and the WS-Trust specification, which defines a Security Token Service. The last three are part of the WS family of protocols Microsoft and IBM are developing.
In addition, Microsoft, IBM and partners announced their commitment to contribute WS-Trust, WS-SecurityPolicy and WS-SecureConversation to the Organization for the Advancement of Structured Information Standards (OASIS ) in September. This long-awaited move and the successful interoperability demo signify that, for the most part, vendors have moved past arguing about the standards and on to implementing them.
With the standards wars winding down at last, some loose ends remain. Microsoft should still develop full OASIS SAML browser profile support. Liberty Alliance should begin converging some of its advanced work with the WS specifications now going to OASIS. WS-Policy and other specifications from Microsoft and IBM's vendor group should also go to OASIS or another standards body soon.
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 The Leader in Network Knowledge© 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comment