Sun, others to issue competitor to MS Passport

ITworld.com |  Security, Network access control

Sun Microsystems Inc. has brought together a host of companies in an alliance to offer an alternative to Microsoft Corp.'s Passport online authentication service, Sun announced Wednesday (9/26/01).

The group, code-named Liberty Alliance Project, aims to create a ubiquitous single sign-on and decentralized authentication system for online services, accessible from any device connected to the Internet. The charter members of the Alliance expect to finalize an agreement on organization and joint technology development within 60 days, according to a statement on the project's Web site. The group will hold its first meeting for charter members in October and plans to announce more details in the coming months.

"This is an alternative to Passport and Hailstorm. Project Liberty will allow users to decide what information to pass on and customer data won't be controlled by one party," said Hans Appel, Sun's chief technology officer (CTO) for Northern Europe.

The Liberty Alliance Project intends to create a universal digital identity service based on open standards. Users should be able to log in once on a given Web site and be authenticated for all the online services supporting the Liberty standard. Customer data, such as phone numbers, addresses, credit records and payment information, will be secure, according to the statement.

While the alliance has not decided on the exact technologies it will use for the authentication process, the group plans to allow each company involved to store user information on their own servers, said Marge Breya, vice president of Sun One marketing. A healthcare provider, for example, would set high levels of security for user information stored on its site. When a user goes from the healthcare Web site to a retail site, only the information needed to purchase retail goods such as credit card information would be transferred.

"There will be handshakes between the two companies that the user will authorize," Breya said.

The user would permit one company's server to talk to another company's servers when visiting a new Web site, Breya said.

Smart cards or biometrics technology could be two of the possible means of authentication; however, the alliance maintains it will not decide on specific technologies for some time.

Businesses benefit because they will only need to adopt one technology to give access to all users, no matter what device is used, the group says. The alliance envisions users signing on with cellular phones, portable computers, televisions, cars, point of sales terminals and the traditional desktop computer.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question
randomness