Liberty Alliance Announces Two Key Milestones for the Identity Governance Framework  
  SEARCH: Sign In | Register | Contact Us | Site Map | Home  

GLBA News

Liberty Alliance Announces Two Key Milestones for the Identity Governance Framework

(July 26, 2007)-- Liberty Alliance, the global identity consortium working to build a more trusted Internet for consumers, governments and businesses worldwide, today announced two key milestones for the Identity Governance Framework (IGF). Today, industry leaders submitted IGF to openLiberty.org for open source development of IGF implementations. Liberty Alliance also announced the ratification of market requirements documentation (MRD) for IGF and the commencement of technical specification work. With today's news, developers, system integrators and organizations in every sector can begin planning IGF deployments referencing the publicly available MRD and building IGF applications based on the open source APIs collaboratively developed at openLiberty.org. Liberty will hold a public webcast to review IGF developments and the roadmap for continuous development and support within Liberty Alliance and at openLiberty.org on August 15 at 8:00am US PT.

"With Liberty Alliance market requirements completed and technical specification work and open source implementations initiated in parallel, IGF is a significant step closer to delivering users and organizations greater privacy and security protection across applications and industries," said Brett McDowell, executive director of the Liberty Alliance. "Organizations, infrastructure providers and the Web 2.0 community now have a variety of identity governance tools for advancing the Internet's privacy layer based on open standards from Liberty Alliance."

IGF is the industry's first programmatic framework designed to help organizations meet regulatory requirements such as the European Data Protection Initiative, Gramm-Leach-Bliley Act, PCI Security Standard and Sarbanes-Oxley. The framework establishes a standard way of defining enterprise-level policies for organizations to share sensitive personal information securely and confidently between applications and diverse identity sources while helping ensure security and privacy. The rapid completion and publication of the Liberty Alliance MRD represents the growing and urgent need for IGF as an open standard. With the MRD now completed, work can progress rapidly on the creation of the technical specifications and open source implementations required to speed the development of standards-based end-to-end auditing and governance solutions.

Oracle (NASDAQ: ORCL) released a draft of the IGF in November 2006 to wide industry support and in February submitted IGF royalty-free to Liberty Alliance for further development based on Liberty's model of collaboratively addressing the technology, business and privacy aspects of identity management. Liberty's Technology Expert Group (TEG) will now develop specifications to meet the IGF MRD. Membership in TEG is open to all industry stakeholders and individual contributors interested in participating in the specifications development process. The IGF MRDs announced today are available for public review and download at http://www.projectliberty.org/index.php/liberty/strategic_initiatives/requirem ents

The further development of IGF standards will take place within Liberty's TEG and openLiberty.org, a community driven open source project formed to facilitate the development of secure and privacy-respecting identity applications based on Liberty Alliance specifications. This two-phased approach ensures the widest possible collaboration in the development of IGF and provides opportunities for developers and the global open source community to participate in the development of IGF standards. Co-chaired by Paul Madsen of NTT and Carolina Canales-Valenzuela of Ericsson with participation from technology experts from around the world, TEG will collaboratively deliver IGF profiles, specifications and implementation recommendations. Individuals and organizations interested in following the development of IGF within TEG can read the public mail-list archive at http://maa.projectliberty.org/lap-technology/public-mail/

Consisting of nearly 50 subscribers with leadership and representation from HP, Intel, Internet2/Shibboleth and OpenSAML, openLiberty.org is an open source community open to everyone interested in advancing open source Liberty Web Services and now IGF implementations. openLiberty.org will develop a set of open source libraries and technologies based on the Apache 2.0 license that developers and vendors can use to build products that consume, provide and manage identity-related information based on the IGF protocols. Developers, individuals and organizations can get more information and join the openLiberty.org IGF community at http://www.openliberty.org/wiki/index.php/IGF_Introduction

"The development of IGF specifications within Liberty Alliance in conjunction with open source implementations at openLiberty.org represents a new era in the collaborative development of open identity standards," said Jason Rouault, vice president of the Liberty Alliance Management Board and chief technologist for Identity and Security Management, Software, HP. "The two-track approach to IGF development will allow developers to more easily and quickly drive policy and privacy attributes into open source identity initiatives."

Liberty Alliance, supporters of IGF and openLiberty.org invite the developer and open source communities to participate in the further development of IGF. The framework provides developers with a declarative model for access to identity data for creating business applications. Through the development of open source implementations, developers will be able to re-use the APIs developed within openLiberty.org to more easily develop application features and controls to ensure compliance of identity data usage with enterprise policies and privacy regulation requirements.

A key objective of the dual approach to IGF standards development is to demonstrate multi-protocol implementations. This means eventual support for ID-WSF, SAML 2.0, WS* and OpenID specifications and collaboration with other industry identity initiatives such as the Concordia Project, Project Bandit and the Eclipse Higgins project. As specifications development work progresses within Liberty's TEG and at openLiberty.org, the groups will regularly work together to offer mutual guidance and support to ensure work is complementary and meets the Liberty Alliance IGF MRDs. Liberty Alliance expects to release draft IGF specifications during 2Q, 2008.



Share or bookmarklet this web page at:



Google
Privacy Policy | Terms & Conditions | Support | Directory Links | Contact Us | Site Map | Home
Copyright © 2007-2008 ComplianceHome.com. A SUPREMUS GROUP venture. All rights reserved.