Sxip simplifies identity management across domains

How do you reconcile user identities across organizational boundaries? Sxip wants you to use its appliance

By Galen Gruman
May 15, 2006

Talkback

E-mail

Printer Friendly

Reprints

Most enterprises have worked hard to properly authenticate users and manage access to systems. But as more enterprises subscribe to SaaS (software as a service) offerings or other provisioned services, managing identities and access privileges gets harder. How does your provider know how to authenticate users? And can providers and enterprises afford to support a web of identity management systems among them?

Return to special report

DOWNLOAD PDF

Click here to download InfoWorld's special report 15 tech startups to watch

Sxip Identity’s answer to these questions is the Sxip Access appliance. IT maintains its existing identity management system, using its preferred authentication method. The service provider passes user authentication data along to the enterprise. The Sxip appliance handles the interactions between the two systems, so no custom integration is required, says Dick Hardt, Sxip’s CEO. “This lets ASPs accept a wide variety of credentials without having to do something special for each,” he says. IT can use the same appliance to receive authentication requests from multiple providers.

But Hardt sees Sxip Access as just the first step. Sxip Access still requires a tight coupling between provider and enterprise -- they need to have an existing relationship and agree on what data will be passed on to the enterprise, even if the enterprise does all the validation work.

So Sxip is working on Version 2 of its Simple Extensible Identity Protocol for an approach to identity management that eliminates the need to exchange mutual secrets (passwords, biometrics, secret questions, and other tokens), the standard authentication approach today. Instead, the user authenticates himself to the validation engine of his choice (internal IT or a service provider) and transmits an encrypted identifier message to the other party, which then uses its choice of provider to verify the integrity of the message. If the message is valid, the recipient has the identifier and associated profile to know what permissions to provide. This is similar to the approach used in Kerberos and SAML, he notes, but is better suited for loose federations of interactions.

The Sxip 2.0 protocol should ultimately simplify IT identity management efforts around e-commerce, supply chains, and distributed organizations, Hardt says, by permitting a loosely coupled approach to identity management for on-the-fly and one-time connections.

Click for larger view.

Galen Gruman is contributing editor at InfoWorld.

Add to:

Digg

Talkback:

comment Post a Comment

MOST COMMENTS

The last chance to save Windows XP

Windows 7 is coming. Will your PC be ready?

After Bill Gates, five possible futures for Microsoft

A requiem for Windows XP

>> Talkback: Have your say

Remote Access: Maintain Security and Decrease the Burden on IT
Join this interactive webcast to discover how IT Managers can control access rights, end-user security settings and end-point authorization. Sponsor: Citrix(R) GoToMyPC(R) Corporate

» Click here to view this Webcast

Zombie PCs Are Attacking Your LAN
A recent study showed that malware-infected zombie PCs are now a bigger threat to ISPs and Web infrastructure than DoS attacks. As this brand new IT Strategy Guide explains, an increased use of peer-to-peer techniques by the attackers has made it harder to fight back. Download now, compliments of Verio:

» Click here to download now

- Special Advertising Partners -

WHITE PAPERS

Transformational Analytics: Virtualizing IT Environments - The overwhelming complexity of the modern data center compounds the problem of how to safely virtualize IT environments....
Wide Area Data Services - Finally - some clarity in the application acceleration and WAN optimization space. Find out how WAFS, WAN optimization, ...
Five Ugly Truths about WAFS and Caching - WAFS and caching are approaches used to accelerate specific applications. They sound good in theory - saving bandwidth and...
Advanced Workload Analysis Techniques - After business and technical constraints have been analyzed, virtualization planning becomes a trade-off between how much...
Refine your company's plan for a Business Disruption Event - Many firms fail to consider how lines of communication will stay open in the event of a BDE. Make sure your company's mobile...
Factors to consider when comparing DSL or Cable - As the demand for high-speed access increases, businesses are looking for cost-effective connection options for remote workers...

» Technology White Papers Library

Technology White Papers by Topic

Technology White Papers E-mail Alert

Find out when the latest white paper is available:

INFOWORLD MARKETPLACE

Deliver REMOTE SUPPORT Easily. Try WebEx FREE! - DOWNLOAD WEBEX SUPPORT CENTER FREE! Deliver efficient, effective support. CRUSH SUPPORT LOG JAMS!
Migrating to an IP-VPN? XO Can Make It Happen - Learn the five critical success factors with a free whitepaper from XO Enterprise Solutions.
Sign up to TRY WEBEX SUPPORT CENTER FOR FREE! - Get your FULL FEATURED trial here. Share documents and applications, address support challenges.
IP Networks Boost Secure Health Communications - AT&T provides secure communication to keep health care moving forward.
Why a CMDB? - IT best practices (ITIL) have shown the benefits of a CMDB. Click for whitepapers.

» BUY A LINK NOW

Sxip simplifies identity management across domains

MOST COMMENTS

» Technology White Papers Library

Technology White Papers by Topic

Technology White Papers E-mail Alert

Video

Podcasts

InfoWorld Blogs

Columnists

Find Products and Companies

Resource Center

Sponsored Technology Links

Sponsored Technology Links
CA - Efficient - Flexible - Compliant PGP - Is Your Data Safe? Novell, IBM, and Intel - Solution for Open Virtualization Provides Server Consolidation Curl - IT Guide: Rich Internet Application (RIA) Security HP/Intel - If you don't have enough I/O, your VMs aren't going to go. Symantec - Whitepaper: Secure, recover, and archive critical information Microsoft - {Open Source} Heroes Happen Here Symantec - Whitepaper: Protecting Microsoft(R) Applications Riverbed - Five Ugly Truths about WAFS and Caching InterSystems - Use Ensemble - quickly create composite applications. AT&T - Factors to consider when comparing DSL or Cable Cirba - Advanced Workload Analysis Techniques Rackspace - Go Green Without Sacrificing Server Performance CA - Manage your IT more effectively. AT&T - Measuring mobile productivity AT&T - Thinking about IMS CA - Plan IT better, Manage IT better. AT&T - Refine your company's plan for a Business Disruption Event AT&T - Going mobile with today's technology Cirba - Consolidating Workloads onto Mainframes AT&T - What to expect from a Technology Assessment.		AT&T - Class of Service: Myths and Misconceptions AT&T - Enhancing security through Quantum Cryptography Riverbed - Wide Area Data Services Microsoft - Microsoft Forefront makes defending your systems easier. Learn how. HP - Explore the interactive whitepaper: Rightsizing Blades for the mid-market. Symantec - Webcast: Beyond AntiVirus AMD - Renowned Engineering Institution Chooses AMD Processor-Based Servers AMD - Watch this flash demo of the Quad-Core AMD Opteron Processor EMC - EMC and VMware help you build your virtualized infrastructure. AMD - HP and Oracle deploy unbreakable computing infrastructure Qwest - Learn how Qwest voice and data solutions can save you time. MKS - The Power of UNIX/Linux on Windows with MKS Toolkit Vision Solutions - Is your smaller organization ready for High Availability? Vision Solutions - Is system maintenance doing more harm than good? HP - NEW HP LaserJet P4014n printer Starting at $699 after $100 IS. HP - HP LaserJet M3035 MFP series Starting at $1,599. SHOP NOW HP - Speed, agility, flexibility - The HP BladeSystem c-Class. Vkernel - Resolve Capacity Bottlenecks and Enhance Your Virtual Environment Nokia - Restore Your Mobile Devices With One Click Oracle - The Power of Two with SOA and BPM

	HOME NEWS BLOGS PODCASTS VIDEOS TECHNOLOGIES TEST CENTER EVENTS CAREERS	About \| Advertise \| Awards \| RSS \| Contact Us
Copyright © 2008, Reprints, Permissions, Licensing, IDG Network, Privacy Policy, Terms of Service. All Rights reserved. InfoWorld is a leading publisher of technology information and product reviews on topics including viruses, phishing, worms, firewalls, security, servers, storage, networking, wireless, databases, and web services. CIO :: ComputerWorld :: CSO :: Demo :: GamePro :: Games.net :: IDG Connect :: IDG World Expo Industry Standard :: IT World :: JavaWorld :: LinuxWorld :: MacUser :: Macworld :: Network World :: PC World :: Playlist