Liberty Alliance helps fuel use of identity specs

As the Liberty Alliance Project gathers momentum, industry insiders are expecting a sharp rise in the use of products and services that use Web identity-management specifications.

On Tuesday, the Liberty Alliance Project said it expects the number of people and devices using federated identity specifications it endorses to top one billion this year. The one billion figure includes people who have created identities using the Liberty-endorsed specifications, plus devices and Web sites that use the protocols.

In general, the identity-management specifications battle has subsided, said Graham Titterington, a principal analyst with Ovum Ltd. in London. "Most of the industry players are now backing Liberty," Titterington said.

Liberty has supported SAML (Security Assertion Markup Language) 2.0, a specification ratified in February 2005 that incorporated elements of several other specifications. The market for federated identity products is expected to grow because of wide adoption of SAML 2.0, according to research firm IDC.

IDC predicts that the market for identity-access management products, which securely verify users' log-on identities, will sharply increase from about US$2.9 billion this year to $4 billion through 2009, partially through the establishment of industry standards.

Identity-access management includes technologies such as Web single-sign on, which allows for the sharing of log-in information across different Web sites, and advanced authentication methods such as smart cards and directory services.

Another set of specifications is WS-Federation, supported by Microsoft Corp. Microsoft has said it won't support SAML 2.0 protocols, saying WS-Federation ones are better suited for a distributed Web services environment.

However, Titterington believes Microsoft's move may be more political, and the company could change course.

"I think they [Microsoft] are trying to let themselves down gradually," Titterington said. "The world wants interoperability."

Other vendors, such as IBM Corp., have stuck a foot in both camps. IBM's Tivoli Federated Identity Manager supports SAML 2.0 plus several WS-Federation protocols. Oracle Corp.'s COREid Federation server will soon also support both specifications, according to IDC.

The bulk of the Liberty deployments have been in two areas: large companies such as General Motors Corp. that have deployed federated identity across different platforms and mobile phone companies such as France Télécom SA. Mobile customers use the specifications to access various services on their phones, Titterington said.

The Liberty Alliance said products from 12 companies have passed interoperability tests for the SAML 2.0 specification.