Liberty Alliance Releases Initial Specifications
Wiggins, Richard W., Information Today
The Liberty Alliance Project (http://www.projectliberty.org), a consortium of technology firms, credit card providers, and merchants, has released the initial specifications for its "federated" scheme to simplify transactions among consumers and vendors. The Liberty Alliance was formed in September 2001 to "establish an open standard for federated network identity." It hopes to provide a framework in which consumers and merchants would easily be able to determine each other's authentic identity, and, when consumers so choose, allow information to flow easily to other trusted vendors.
As an example, today a customer might book a flight and, following a link from the airline's Web site to a partner car rental agency, then rent a car online and from there go to a partner hotel chain for online reservations. But in today's world the customer might be forced to enter data redundantly, such as credit card information, name and address, dates and times of the rental and hotel stay, etc. Liberty Alliance proposes a scenario whereby, with the customer's informed consent, information about the trip would be shared among the trusted partners, averting a need for the tedious re-entry of data.
This first set of specifications, version 1.0, was officially released on July 15. The companies announcing specific product plans are Communicator, Inc.; Entrust, Inc.; NeuStar, Inc.; Novell, Inc.; OneName Corp.; RSA Security; and Sun Microsystems.
Liberty Alliance says the version 1.0 specifications provide the following functionality:
* Opt-in account linking: Users choose which accounts are linked among firms within the "circle of trust" as defined by established business relationships.
* Simplified sign-on for linked accounts: Once a user's accounts have been "federated," the user can log into one trusted vendor and move to another without the need for logging in again.
* Authentication context: Companies that link accounts can communicate what authentication should be used when a user logs in.
* Global log-out: Logging off one account severs all logins.
Liberty Alliance cites advantages for business-to-consumer, business-to-business, and business-to-employee kinds of relationships and transactions.
The initial specification does not provide for how personal information will be shared across vendors, but rather offers ways that cooperating vendors can share identity once it has been authenticated. A user might maintain separate identities with different vendors but still gain the single sign-on advantages. …