Bandit Project's Cross-Platform Card Selector Gives Users Control of their Internet Identities

Information card selector runs on Linux and Macintosh platforms

27 June 2007

The Bandit® Project today hit another key milestone in the development of open source identity services with the availability of an open source, cross-platform information card selector that helps users manage "digital identity cards" used in Web transactions. Based on working code from the Bandit Project and interoperable with components from the Eclipse Higgins Project, the DigitalMe® information card selector is functionally equivalent to Microsoft* Windows CardSpace* and runs on Linux* and Macintosh* platforms. The DigitalMe information card selector is being demonstrated today at the Burton Group's Catalyst Conference, with a test version now available as an installable package with a graphical interface. This marks an important step forward for user-centric, cross-platform identity management for Web-based services.

"A multitude of user-centric components have rushed onto the scene in recent months, providing a telling harbinger for next-generation identity management technologies," said Gerry Gebel, vice president and service director at Burton Group. "To ensure greater adoption, user-centric components must be interoperable and available on a wide range of platforms. The Bandit Project has been very supportive of these efforts through its participation in the Burton Group user-centric interoperability demonstration project."

The Bandit Project's implementation of DigitalMe demonstrates a successful identity-enabled application that makes it easier for users to manage their identities. Industry trends highlight increased market demand for user-centric identity management technology, such as Windows CardSpace. By making this type of technology available to Linux and Macintosh users, DigitalMe is helping accelerate the adoption of this user-centric approach. Additionally, customization capabilities and related identity management components available from the Higgins Project will encourage service providers to utilize the technology, as it gives them the ability to provide complete identity management solutions for their users.

"One of the key elements to developing an Identity Metasystem is providing tools that can help users easily access Web sites or online services to be in control of their digital identity," said Kim Cameron, chief identity architect at Microsoft Corp. "By extending the ability to use Information Cards that are compatible with Windows CardSpace to different operating systems and platforms, the Bandit project is helping to broaden this effort with DigitalMe."

Sponsored by Novell, the Bandit Project works with community partners to develop an open identity framework that simplifies the creation of identity-enabled applications. Built on open source, Bandit provides a transparent and consistent approach to managing digital identity information, regardless of the underlying platform. Code for DigitalMe has been donated to the Eclipse Higgins Project, an open source group focused on developing a multi-platform identity framework to give users convenience, privacy and control over their identity information. The donation of the DigitalMe source code to the Higgins Project will increase the number of opportunities for users to access this technology.

"The Bandit Project continues to be one of the leading innovators and contributors in user-centric identity," said Paul Trevithick, technical lead of the Higgins Project. "We appreciate Bandit's donation of the DigitalMe code to Higgins. Written in C++, it will give users the option of deploying a native code version of the Higgins identity agent on a local machine."

DigitalMe allows for a user-centric identity model, where users, not Web sites, control how sensitive identity information is presented. This offers greater security, since users provide only the digital card with the specific information necessary to complete a transaction, and storage of sensitive information is limited to authorizing sites. DigitalMe works by allowing users to manage multiple digital identity cards to control identity data, including name, postal address, e-mail address and credit card information. The cards are either obtained from third-party companies or created by the user. When the user visits an information card-compatible Web site and performs a transaction, such as purchasing an item, a list of digital cards is presented. The user selects the relevant card and credentials are sent to an authorizing third-party site, for example the credit card company, which verifies that the user has the necessary funds to perform the purchase. Authorization is securely sent back to the original site through the user's system, and the transaction is completed.

"The Internet explosion occurred without an effective framework for managing identity information," said Dale Olds, distinguished engineer and Bandit Project leader at Novell. "This lack of framework has created frustration for users who have to manually provide identifying data at multiple Web sites. Software, such as DigitalMe, will revolutionize the way people control their identity data."

To test drive an early version of DigitalMe, an openSUSE® 10.2 installable package with a graphical interface can be downloaded at www.bandit-project.org/index.php/Identity_Selector_Service_Download. The source code for other Linux versions and Macintosh is available at www.eclipse.org/higgins/downloads.php.

A Community-driven Approach to Identity Management

The Bandit project builds on the participation of the broader identity and open source communities, and many industry leaders are expressing their support for DigitalMe.

Ed Macbeth, senior vice president of Business Development for ActivIdentity Inc., said, "The deployment of digital identity assurance and strong authentication solutions for both government and enterprise would greatly benefit from seamless interoperability and tight integration with identity management systems. ActivIdentity supports Novell's leadership with the Bandit project as we believe the resulting open industry standards will expand the market and deliver greater value to customers."

Brett McDowell, executive director, Liberty Alliance, said, "Liberty Alliance salutes open identity initiatives that contribute to the development of a ubiquitous, interoperable and privacy-respecting Internet identity layer. DigitalMe builds on the CardSpace-to-Liberty interoperability the Bandit team demonstrated at RSA 2007, fostering a common user experience regardless of underlying protocol."

Anthony Nadalin, distinguished engineer and chief security architect for IBM Software Group, said, "We are very pleased to see that the Bandit project is contributing an Identity Selector to the current set of Identity Selectors in the Higgins project. This addition gives Higgins the broadest platform and usage coverage that our customers have been requesting. We look forward to working on the integration of the Bandit Identity Selector in Higgins."

Phil Windley, co-founder of the Internet Identity Workshops, said, "For the vision of user-centric identity to thrive, ecosystems like information card selectors have to extend beyond a single operating system. As a vendor of a major Linux distribution, Novell is in a great position to lead the use of information card selectors on Linux. I'm very encouraged by these developments."

Andre Durand, CEO of Ping Identity Corporation, said, "In order for card-based identity systems to succeed, it's important that all platforms be supported. Bandit is filling in a critical piece of the puzzle by enabling both Linux and Mac desktops for information card interoperability."

Dick Hardt, founder and CEO at Sxip Identity, said, "User-centric, Identity 2.0 technologies are now able to solve real enterprise concerns such as a more secure authentication mechanism for online applications. It's great to see the development of interoperable, open source technologies, such as the Bandit Project's information card selector, which along with other identity agents such as Microsoft's Windows CardSpace provide cross-platform choice for users. We're adding support for these emerging digital identity cards to Sxip Access for phishing-resistant login to Google Apps and Salesforce."

About Bandit

Bandit is an open source project, sponsored by Novell, that is developing open source identity services to provide organizations with a consistent approach to enterprise identity management challenges such as secure, role-based access and regulatory compliance reporting. As an open source project, it is also a community of developers – part of a larger identity and security community – that organizes and standardizes identity-related technologies in an open way, promoting interoperability, collaboration and further innovation. For more information, visit www.bandit-project.org.
About Novell

Novell, Inc. (Nasdaq: NOVL) delivers infrastructure software for the Open Enterprise. Novell is a leader in enterprise-wide operating systems based on Linux and open source and provides the enterprise management services required to operate mixed IT environments. Novell helps customers minimize cost, complexity and risk, allowing them to focus on innovation and growth. For more information, visit www.novell.com.

Novell, DigitalMe and openSUSE are registered trademarks and Bandit is a trademark of Novell, Inc. in the United States and other countries. *Linux is a registered trademark of Linus Torvalds. All other third-party trademarks are the property of their respective owners.

Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.