Organizations Using SAML 2.0 For Digital Identity Management
Liberty Alliance, the global identity consortium working to build a more trusted Internet for consumers, governments and businesses worldwide, recently released highlights of SAML 2.0-based digital identity management applications that are delivering real world value to users and organizations around the globe.
These applications are among the many public and private sector deployments helping to drive a more secure and privacy-respecting Internet identity layer across applications, sectors and regions based on SAML 2.0 standards.
"Virtually all federation efforts and almost all federation product vendors have built-in SAML 2.0 support," said Gregg Kreizman, research director at Gartner. "Governments and enterprises planning new identity federations should base their implementations on the SAML 2.0 standards."
With government organizations in The Americas, Asia, Australia and Europe building and deploying SAML 2.0-based identity applications, SAML 2.0 has become the standard of choice in the global eGovernment and public sectors. These governments are relying on SAML 2.0 to deliver a wide variety of new online services to citizens, help meet compliance mandates and to provide business and trading partners with a secure and trusted platform for conducting identity related transactions. A digital map and description of global eGovernment deployments based on SAML 2.0 Liberty Federation is available at http://projectliberty.org/liberty/adoption/egovernment/egov_world_map.
"The beauty of the proven interoperable SAML 2.0 standard is that it has been developed with input from deployers and vendors of digital identity management solutions to support a broad range of online identity related transactions," said Roger Sullivan, president of the Liberty Alliance Management Board and vice president of Oracle Identity Management. "From authenticating at social networking sites to enterprise, financial and government transactions requiring the highest degree of security and privacy protection, SAML.2.0 is providing the foundation for organizations in every sector to build and deploy successful digital identity management solutions."
The applications highlighted are only a small sample of the hundreds of B2B and consumer-facing SAML 2.0-based deployments and proof-of-concept applications in the global identity market. These applications span vertical segments where users and deploying organizations demand the highest levels of security and privacy protection and proven interoperability is critical to managing wide scale digital identity management solutions. Liberty Alliance maintains a list of deploying organizations at http://www.projectliberty.org/liberty/adoption with highlights from the applications recently announced including:
Google -- Using SAML 2.0 allows Google's customers to treat web-based authentication to Google Apps the same way they treat authentication to their other services.
"We're extremely happy with the number of products that natively support SAML, as well as the number of people available to help our customers use it," said Gabe Cohen, product manager, Google Enterprise. "We chose to support SAML because it provides immense flexibility as a robust standard and the security that our customers demand. Ultimately, we want our customers to make their own decisions about their security and authentication policies, and SAML makes it easy."
For more information on Google Apps, visit www.google.com/a.
NTT -- NTT has developed SASSO, a personal Identity Provider that enables users to single-sign-on to a PC and leverage the strong authentication capabilities of the mobile phone to conduct a wide range of secure identity- based transactions. SASSO uses the increasingly ubiquitous mobile phone as an Identity Provider (IdP) to allow users to access a Service Provider (SP). Once authenticated by their own mobile phone, the IdP on the mobile phone issues a SAML assertion signed by a private key and sends that assertion to SPs. The application drives strong authentication into online transactions and leverages the convenience and privacy capabilities of the mobile phone to allow users to better control their own identity information.
"Our technology employs mobile phones and SAML 2.0 to strike the tough balance between security and privacy concerns on the one hand, and usability on the other-two necessities in the modern world," said Dr. Kenji Takahashi, senior research engineer and supervisor, NTT Information Sharing Platform Laboratories.
The US GSA E-Authentication Solution -- Originally launched in 2002 as part of the President's Management Agenda, E-Authentication Solutions assists federal agencies in mitigating the security and privacy risks associated with e-government and helps control government costs associated with authenticating large numbers of end users. In October, the General Services Administration (GSA) announced that passing Liberty Alliance SAML 2.0 interoperability testing is a prerequisite for participating in the E- Authentication Identity Federation. The decision by E-Authentication Solutions to have vendors pass Liberty Alliance SAML 2.0 testing recognizes the important role proven interoperability plays in advancing identity federations. More information about the E-Authentication Solution is available at http://www.cio.gov/eauthentication/.
"E-Authentication Solutions wants federal agencies to be able to select the software that meets their unique business requirements while also delivering assurances that it will interoperate with other applications used within the Federation," said Myisha Frazier-McElveen, acting program executive, E-Authentication Solutions. "The GSA is requiring vendors to pass Liberty Alliance SAML 2.0 interoperability testing to help ensure identity products can interoperate from day one and provide long-term business value to government agencies."