Novell Previews Liberty-based Identity Federation Solution
- Technology, code-named “Odyssey,” will enable organizations to securely share identity information among business partners and internal systems
- Achieves enhanced certification for the latest Liberty Alliance specification and will be demonstrated at Burton Group Catalyst Conference this week
- Uniquely enables provisioning based on the Liberty specification and dynamically Liberty-enables legacy systems
Novell today previewed a new Liberty-certified technology, code-named “Odyssey,” that will enable organizations to federate identity information among business partners while maintaining users' privacy. The Odyssey technology, which is being demonstrated at Burton Group Catalyst Conference 2004, will enable companies to implement centralized authentication, policy management and single sign-on based on the latest Liberty Alliance specification so they can securely share even the most sensitive identity data without compromising privacy.
Odyssey, expected to ship in the first half of 2005, will make it easier for customers and employees to conduct business electronically with a company and its partners. For example, when a new employee account is created in the Human Resources database, that employee will be able to easily request access and get authenticated to partner systems—such as health insurance or a 401k plan—by requesting federation of their identity information. Odyssey will immediately provision the user account and enable single sign-on to the partner system based on the trusted relationship between partner companies. In other instances, business partners like airlines, hotels and rental car companies can allow users to share relevant identity attributes between systems for more efficient transactions.
“Federated identity between enterprises is the next step in identity management,” said Mike Neuenschwander, Burton Group analyst. “By leveraging its provisioning and metadirectory technologies and supporting industry standards, Novell has the potential to be a leading player in this emerging market.”
Odyssey will enable the secure federation of identity data through both the Liberty Alliance 1.2 specification and the Secure Assertions Markup Language (SAML) protocol. Combining the security of SAML with the tested and certified interoperability of the Liberty Alliance provides customers with one of the industry's most flexible offerings for establishing trusted relationships with business partners.
While current Liberty-enabled federated identity projects focus on sharing identity information and require that users have accounts on each federated system, Odyssey goes a step further by managing and provisioning user accounts across each partner system. When a user accesses a partner site where he does not have an account, he will have the option to automatically provision a new account based on information in the corporate directory that the administrator has deemed relevant to that partner.
Users also decide if and when their information will be shared with other systems to maintain a level of control that is comfortable for each individual user. In addition to federation and provisioning capabilities, Odyssey will support role-based policies for controlling access to websites and other applications either within an organization or with partners.
Chris Stone, Novell vice chairman – Office of the CEO, said, “Novell's Odyssey project builds upon our leading secure identity management solutions to deliver the next generation of identity management solutions – federation. Novell is extending the benefits of secure identity management that companies have seen within their enterprise to trusted business partners, providing customers with a seamless transition to connected partner systems.”
Odyssey will provide proxy functionality so that when it is set up in front of another server, it will dynamically Liberty- and/or SAML-enable virtually any application or service. Administrators will only need to install the software on their site and the site of the service providers with whom they want to share identity information – unlike other systems that require agents to be installed on each application to be Liberty-enabled. As soon as the two servers exchange agreed-upon metadata, identity information can be federated between systems. Odyssey will also be able to store identity attributes locally or connect to existing LDAP directories.
Novell, Inc. (Nasdaq: NOVL) is a leading provider of infrastructure software and services to over 50,000 customers in 43 countries. With more than 20 years of experience in data center, workgroup and desktop solutions, Novell's 6,000 employees, 5,000 partners and support centers around the world are meeting customer requirements for identity-driven computing and Linux solutions. By providing enterprise-class software and support for commercial and open source software, Novell delivers increased operating flexibility and choice at a lower total cost of ownership. More information about Novell can be found at http://www.novell.com.