SSO: The Holy Grail Of SOA
SAML (Security Assertion Markup Language) was in the spotlight again last week. An XML-based framework developed by OASIS Security Services Technical Committee, SAML allows companies to securely and automatically share identity information on the Web.
SAML (Security Assertion Markup Language) was in the spotlight again last week. An XML-based framework developed by OASIS Security Services Technical Committee, SAML allows companies to securely and automatically share identity information on the Web.First, Computer Associates announced its plans to use SAML 2.0 with eTrust SiteMinder, its Web access management product. The access management support eliminates the need to re-authenticate at each site; the product will thus allow customers to federate as identity providers or as service providers with multiple partners.
This announcement is an example of some general good news that is the focus of a special feature we have on federated identity management by Penny Lunt Crosman: that SAML 2.0 is entering the mainstream. But despite the gathering momentum, issues of trust and procedure must still be resolved, especially in this environment of frequent identity theft.
As Penny points out, Single Sign-On (SSO) has long been a holy grail for the IT community. But it has been a very distant grail for some time -- indeed, the analyst firm the Burton Group has switched to the term "reduced sign-on" because single sign-on sounds too nirvana-like.
Yet the reasons to strive for SSO are overwhelming. For productivity reasons, enterprises would love to give their employees access to all the applications they use during the day from a single login. This would also do away with all the help desk calls about forgotten passwords.
Externally, SSO would enable enormous efficiency gains. For example, a supply chain portal would be able let companies order supplies and check their suppliers' inventories or vice versa from one central place, or companies can give insurance or mortgage brokers simple online access to sell all their products.
SAML 2.0 is important because it represents the coming together of two important SSO standards efforts. After all, as recently as this past winter, various groups were working on competing standards, including SAML 1.x, the Liberty Alliance's ID-FF, Internet2's Shibboleth, and Microsoft's Passport. The Liberty Alliance and Internet2 chose to provide input to the latest version of SAML and help consolidate the standards into SAML 2.0. Read on, and learn for yourself why this is a highly significant standards release.
This week, we also featured an announcement from the Apache Foundation that it has launched what it calls its Synapse initiative, an open-source effort that seeks to produce a common, standardized way to broker services on a network. This is a significant announcement because if the initiative actually produces viable open-source code, it has the potential to challenge several commercial products, such as IBM's WebSphereMQ, Tibco Software's Rendezvous, and webMethods' Fabric. Check it out.
About the Author
You May Also Like