LOGIN | REGISTER NOW | SUBSCRIBE
 
 
News on Monday
more>>
SharePoint Tech Report
more>>


   

 
 
Download Current Issue
ISSUE 2/1/2010 PDF

Need Back Issues?
DOWNLOAD HERE

Receive the print Edition?


 
blogs tab
Visual Studio 2010 Release Candidate Available Today
A Visual Studio 2010 release candidate is available on MSDN.
02/09/2010 09:45 AM EST

Is Microsoft eyeing Office subscription pricing?
Microsoft may be preparing to offer a new Office pricing option called "union," which charges the same for cloud as on-premises.
02/01/2010 09:38 AM EST

Facebook rewrites PHP runtime
Facebook is about to open source its own PHP runtime, written from scratch for speed.
01/30/2010 08:53 PM EST

 

Events calendar tab
Macworld 2010
2/9/2010 to 2/13/2010
San Francisco
IDG World Expo

SPTechCon 2010
2/10/2010 to 2/12/2010
San Francisco
BZ Media

PyCon 2010 (Python Conf.)
2/17/2010 to 2/25/2010
Atlanta
Python Software Foundation

Southern Calif. Linux Expo
2/19/2010 to 2/20/2010
Los Angeles
SCALE

IBM Pulse
2/21/2010 to 2/24/2010
Las Vegas
IBM


 
print Printable version 
Most Read Latest News Blog Resources
Facebook brings HipHop to PHP
HipHop compiles PHP to speed up the Web layer at world's most popular social networking si...

Adobe moves LiveCycle application platform to the cloud
Release gives developers just what they need to create targeted business process-oriented ...

Oracle acquires AmberPoint
Today's merger will probably affect most of AmberPoint's existing partnerships with other ...

Digg!  Digg
Reddit  Reddit
Slashdot  Slashdot
Share on facebook  Facebook
Share on Twitter  Twitter

Open-source identity scheme takes first steps


By Robert Mullins
March 13, 2008 — 
Concerned that the Web 2.0 craze is catching on faster than security can catch up, the OpenLiberty.org community has released an open source code library to write Web applications that protect users’ identities and increase security.

A beta version of OpenLiberty-J, released March 10, enables application developers to incorporate into their software the enterprise-grade interoperability, security and privacy capabilities of the Liberty Alliance’s Java library for identity Web services. OpenLiberty can be used for enterprise applications in service-oriented architectures, social network environments and other client-side applications for PCs and mobile devices.

Although the Web is popular, it’s immature, especially as it relates to security and privacy, claimed Brett McDowell, executive director of the Liberty Alliance, sponsor of the OpenLiberty.org community.

“We are bringing those high-quality features, previously only available to the enterprise, to the long tail of the Internet and everyone who's interested in this Web 2.0 phenomenon,” said McDowell.

Currently available security and privacy schemes have their drawbacks, he continued. Some earlier Web applications create “identity silos,” in which each application or site has its own identity management protocol and a user has to use a different scheme for each site they use. “This is the old-school way of doing it.”

The other alternative is some kind of “global identifier,” which someone could use to establish their identity at multiple sites, McDowell noted, but added that global identifier technology is still new and presents its own security concerns.

A core technology in the OpenLiberty-J framework is Security Assertion Markup Language (SAML) 2.0, which he described as the de facto standard for exchanging authentication and authorization data online. The open-source version is called OpenSAML.

“We have years of complexity in here,” McDowell said of OpenLiberty-J. “We have done the hard work of putting all those features into your library, and you [can go ahead and] build your applications.”

Although this OpenLiberty release is limited to developing Java-based applications, McDowell said the Alliance plans to eventually port the library to .NET, PHP, Ruby and other platforms.

OpenLiberty-J is also based on Java SE, open-source XML and  service libraries from the Apache Software Foundation and the Internet2 Shibboleth project, which is responsible for OpenSAML.


Related Search Term(s): OpenLibertyLiberty Allianceopen sourceWeb 2.0


Share this link: http://www.sdtimes.com/link/31835
 

Add comment


Name*
Email*  
Country     


  • Comment
  • Preview
Loading