Identity management vendor TriCipher this week rolled out a hosted service that lets companies pass on the complexity of sharing identities with partners.
TriCipher's myOneLogin Federation service acts like a trusted hub or lets companies create their own trusted hubs so they can share identity credentials in order to secure access controls across corporate boundaries.
While the merits of federation are well understood, the complexity of establishing contractual agreements with partners around federation has slowed adoption of the technology.
TriCipher officials say the goal is to create federation on-demand and a place where companies that trust myOneLogin by association can trust each other.
The service supports the Security Assertion Markup Language (SAML) 1.1 and 2.0, WS-Federation and Active Directory Federation Services (ADFS). It also works with corporate directories that support the Lightweight Directory Access Protocol and other federation software.
TriCipher, which competes with companies such as Ping, launched the myOneLogin service earlier this year with a focus on strong authentication. The company quickly added provisioning capabilities for such online applications as Salesforce.com and Google Apps before coming out with its federation add-on.
With the service, each user federates with myOneLogin, which then provides the option to federate with anyone else subscribed to the service.
The service validates assertions that come in from a sender, then creates a SAML assertion and forwards it to the intended recipient. If the recipient does not speak SAML, it encloses the original assertion in an XML wrapper and forwards it back to myOneLogin via a private channel. The service then validates the assertion and sends back a simple reject or accept.
If the answer is "accept," the service includes relevant attributes about the user's access rights as part of the XML file.
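The accept/reject exchange described above, as an added sketch that is not TriCipher's code or wire format: the element and attribute names, the partner names and the key are assumptions made for illustration, and an HMAC stands in for the XML signature a SAML hub would verify. It also assumes the private channel has already authenticated the recipient named in the wrapper.

```python
import hashlib
import hmac
import json
import xml.etree.ElementTree as ET

# Constructed per-sender key; HMAC is a stand-in for XML signature verification.
SENDER_KEYS = {"idp.partner-a.example": b"constructed-demo-key-a"}


def sign(issuer, subject, audience, not_after, role, key):
    """MAC over the security-relevant fields, JSON-encoded to avoid ambiguity."""
    msg = json.dumps([issuer, subject, audience, not_after, role]).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def make_wrapper(recipient, issuer, subject, audience, not_after, role, key):
    """Recipient side: enclose the original assertion in an XML wrapper."""
    req = ET.Element("ValidationRequest", recipient=recipient)
    ET.SubElement(req, "Assertion", issuer=issuer, subject=subject,
                  audience=audience, notAfter=str(not_after), role=role,
                  sig=sign(issuer, subject, audience, not_after, role, key))
    return ET.tostring(req, encoding="unicode")


def validate(wrapper_xml, now):
    """Hub side: return (verdict, attributes); attributes only on accept."""
    if "<!DOCTYPE" in wrapper_xml or "<!ENTITY" in wrapper_xml:
        return "reject", {}  # refuse DTDs and entities before parsing
    try:
        req = ET.fromstring(wrapper_xml)
        a = req.find("Assertion").attrib
        key = SENDER_KEYS[a["issuer"]]  # unknown sender raises KeyError
        expected = sign(a["issuer"], a["subject"], a["audience"],
                        int(a["notAfter"]), a["role"], key)
        ok = (hmac.compare_digest(expected.encode(), a["sig"].encode())
              and a["audience"] == req.get("recipient")  # meant for this partner
              and now < int(a["notAfter"]))              # not expired
    except (ET.ParseError, AttributeError, KeyError, ValueError):
        return "reject", {}
    if not ok:
        return "reject", {}
    return "accept", {"subject": a["subject"], "role": a["role"]}
```

Attributes are released only after the signature, audience and expiry checks all pass, so a rejected request reveals nothing about the user.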
As part of the service, users can set up their own privately branded hubs with a collection of partners, using myOneLogin in the background to perform validations.
Companies also can use their own directories as their authoritative source of user information so they don't have to store any user data with myOneLogin.
"What is happening is that this eliminates the need for people to go through the complex process of implementing something to support federation," says Vatsal Sonecha, vice president of business development and product management at TriCipher.