Collaboration enables multi-platform, multi-protocol open source identity services that integrate with Microsoft CardSpace and Liberty Alliance-enabled products
The Bandit and Eclipse Higgins Projects today announced the achievement of a key milestone in the development of open source identity services. Based on working code from the two projects and the larger community of open source developers, the teams have created a reference application that showcases open source identity services that are interoperable with Microsoft’s Windows* CardSpace* identity management system and enable Liberty Alliance-based identity federation via Novell® Access Manager. This reference application is a first-of-its-kind open source identity system that features interoperability with leading platforms and protocols. This ground-breaking work will be demonstrated at the upcoming RSA Conference in San Francisco.
"There are two basic requirements for translating the potential of recent identity infrastructure developments into real-world benefits for users: interoperability and a consistent means of developing identity-aware applications," said Jamie Lewis, CEO and research chair of Burton Group. "First, vendors must deliver on their promise to enable interoperability between different identity systems serving different needs. Second, developers need a consistent means of creating applications that leverage identity while masking many of the underlying differences in those systems from the programmer. The Bandit and Eclipse Higgins interoperability demonstration shows progress on the path toward these goals. And the fact that they are open source software projects increases the potential that the identity infrastructure will emerge as a common, open system for the Internet."
The Bandit and Higgins projects are developing open source identity services to help individuals and organizations by providing a consistent approach to managing digital identity information regardless of the underlying technology. This reference application leverages the information card metaphor that allows an individual to use different digital identity ‘I-Cards’ to gain access to online sites and services. This is the metaphor used in the Window’s CardSpace identity management system that ships with the Vista* operating system.
"Windows CardSpace is an implementation of Microsoft’s vision of an identity metasystem, which we have promoted as a model for identity interoperability," said Kim Cameron, architect for identity and access at Microsoft. "It’s rewarding to see the Bandit and Higgins projects, as well as the larger open source community, embracing this concept and delivering on the promise of identity interoperability."
The open source technology developed by Bandit and Higgins enables initial integration between a non-Liberty Alliance identity system and a Liberty Alliance-based federated identity system provided by Novell Access Manager. Specifically, these technologies enable Novell Access Manager to authenticate a user via a Microsoft infocard (CardSpace) and consume identity information from an external identity system. It will further show that identity information from Novell Access Manager can be used within an infocard system. This is a significant step forward in the integration of separate identity systems to deliver a seamless experience for the user as demonstrated by the reference application.
"The Liberty Alliance project fully supports the development of open source identity services that advance the deployment of Liberty-enabled federation and Web Services as part of the broader Internet identity layer," said Brett McDowell, executive director of the Liberty Alliance. "The open source community’s embrace of Liberty Alliance protocols is validation of the benefits this technology provides, and we salute the Bandit and Higgins teams for their role in making the technology more broadly accessible."
Higgins is an open source software project that is developing an extensible, platform-independent, identity protocol-independent software framework to support existing and new applications that give users more convenience, privacy and control over their identity information. The reference application leverages several parts of Higgins including an identity abstraction layer called the Identity Attribute Service (IdAS). To support a dynamic environment where sources of identity information may change, it is necessary to provide a common means to access identity and attribute information from across multiple identity repositories. The IdAS virtualizes identity sources and provides a unified view of identity information. Different identity stores or identity management systems can connect to the IdAS via "context providers" and thus provide interoperability among multiple systems.
"Many groups have been working towards the goals of Internet identity interoperability," said Paul Trevithick, technology lead for the Higgins project. "This milestone represents a major step in having multiple open source projects work together to support multi-protocol interoperability."
The Bandit project, sponsored by Novell, is focused on delivering a consistent approach to enterprise identity management challenges, including secure access and compliance reporting. The Bandit team’s contributions to the reference application include the development of multiple "context providers" that plug into the Higgins Identity Attribute Service (IdAS) abstraction layer to provide access to identity information across disparate identity stores. It also showcases the role engine and audit reporting capabilities in development by the Bandit community.
"The development of this reference application would not have been possible without the collaboration and contribution of the wider Internet identity community," said Dale Olds, Bandit project lead and distinguished engineer for Novell. "This is the first of many milestones we are working towards as both the Bandit and Higgins communities strive to enable interoperable, open source identity services."
The reference application is available at: http://www.bandit-project.org/index.php/Reference_Application. It will be demonstrated at the Liberty Alliance Workshop on February 5th from 1:00 to 3:00 pm Pacific for registered attendees of the RSA Security conference at the Moscone Center in San Francisco. Interested parties can register free of charge at: https://cm.rsaconference.com/US07/portal/newreg.ww. using registration code 147LIBAEX. This includes a free expo pass that can be used to attend the tradeshow portion of the conference Tuesday through Thursday. The reference application and project experts will also be available throughout the RSA Conference in Novell’s booth #1937.
Bandit is an open source project, sponsored by Novell, that is developing open source identity services that will provide organizations with a consistent approach to enterprise identity management challenges such as secure, role-based access and regulatory compliance reporting. As an open source project, it is also a community of developers – part of a larger identity and security community – that organizes and standardizes identity-related technologies in an open way, promoting interoperability, collaboration and further innovation. For more information, please visit: http://www.bandit-project.org/
The Higgins project is an Eclipse Foundation project. Eclipse is an open source community whose projects are focused on providing an extensible development platform and application frameworks for building software. Eclipse provides extensible tools and frameworks that span the software development lifecycle, including support for modeling, language development environments for Java, C/C++ and others, testing and performance, business intelligence, rich client applications and embedded development. A large, vibrant ecosystem of major technology vendors, innovative start-ups, universities and research institutions and individuals extend, complement and support the Eclipse Platform.
The Eclipse Foundation is a not-for-profit, member supported corporation that hosts the Eclipse projects. Full details of Eclipse and the Eclipse Foundation are available at www.eclipse.org.
Novell is a registered trademark and Bandit is a trademark of Novell, Inc. in the United States and other countries. *All third-party trademarks are the property of their respective owners.
Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.