Ceridian To Offer Single Sign-On Capability For Its HR Services

Human-resources outsourcing firm Ceridian Corp. plans to provide employees at client companies with access to benefits and administration systems via a new single sign-on capability, eliminating the need to remember multiple IDs and passwords.

Ceridian will use IdentityBridge software from Trustgenix Inc. to authenticate employees' identities at internal and external Web sites that provide health and benefit, time-off, retirement plan, and other HR services. Ceridian will begin live testing with customers in 45 to 60 days.

IdentityBridge supports Security Assertion Markup Language, an XML-based metalanguage that enables single sign-on. SAML version 2.0 provides layers of privacy and security that will enable Ceridian to vouch that an employee's identity has been verified by a trusted source, says Curtis Peterson, Ceridian's VP of product development for benefits solutions.

For example, SAML version 2.0 allows multiple identity-management providers to recognize individuals by a pseudonym that masks identifying information such as E-mail addresses and account names. It also permits attribute statements, name identifiers, or entire assertions to be encrypted, providing further assurance that an individual's identity is secure. A session-management feature automatically terminates all HR sessions after a set period of inactivity, reducing the chance that an employee can view another employee's confidential information.

IdentityBridge communicates with products from other identity-management providers--a prerequisite for the federated identity-management model being promoted by the Liberty Alliance, a group of technology and end-user companies. "Trustgenix has built links to Netegrity, RSA Security, and other identity-management companies to which we need or will need to connect," Peterson says.

HR services outsourcer Hewitt Associates has long offered its customers a single sign-on capability using an internally developed system called Hotel, says Tim Hilgenberg, chief technology strategist for applications. Hewitt is moving to replace Hotel with a standards-based system employing SAML. Says Hilgenberg, "Over the last three to six months, customers have requested us to move to an open-standards approach."