OASIS Members Form Committee to Advance WS-Federation Identity Management Specification

Boston, MA, USA; 2 May 2007 -- Members of the OASIS consortium have formed a new committee to advance the WS-Federation specification through the international standards process. WS-Federation aims to extend the scope of identity management, enabling federations of trust. Version 1.1 of the specification, which was created by a cooperative of eight companies, will be contributed to the new OASIS WS-Federation Technical Committee for advancement and input from the broader community.

"It's good to see WS-Federation submitted to a standards body," said Gerry Gebel, Identity and Privacy Strategies service director at Burton Group. "We're hopeful that this move will make convergence of existing standards more likely since OASIS has also produced WS-Security, WS-Trust, WS-SecureConversation, SAML, XACML, and SPML."

"Organizations and business partners will be able to collaborate more safely and smoothly with WS-Federation," noted Paul Cotton of Microsoft, convener of the OASIS WS-Federation Technical Committee."Today, it often takes weeks for a company to set up user accounts and access privileges to enable their partner organizations' staff to safely gain access to shared materials. When a project is complete, all that time and effort must be repeated in order to revoke the partner's accounts. WS-Federation allows user accounts to continue to be owned, stored, and managed by the users' companies, and shared as needed with partner organizations, instead of relinquishing control to them or creating duplicate copies."

The OASIS WS-Federation Technical Committee will work to simplify interactions between the participants of a federation. The group will advance capabilities for structuring and acquiring federation metadata, sign-out notifications, and the use of pseudonym and identity mapping and attribute services. In addition, the Committee will enable brokered trust relationships and distributed authentication and authorization to be used in browser-based scenarios.

"WS-Federation is a method for expressing and managing trust relationships among parties sharing identity data," explained James Bryce Clark, director of standards development for OASIS. "This specification was intended for programs that use the WS-Trust OASIS Standard for security token exchange, the WS-Policy family of methods for describing constraints and rules, and the WS-Security OASIS Standard for associating security content with SOAP messages. This set of specifications is designed to compose, together with other related standards (including WS-Reliable Messaging and the WS-Transaction OASIS Standard), as a seamless and exclusive stack of specifications for secure and reliable Web services."

Representatives of Active Endpoints, AmberPoint, BEA Systems, BMC Software, CA, Forum Systems, HP, IBM, IONA, Novell, Microsoft, Progress Software, Red Hat, SOA Software, TIBCO, VeriSign, webMethods, and others make up the OASIS WS-Federation Technical Committee. Participation remains open to all companies, non-profit groups, governments, academic institutions, and individuals.

The WS-Federation Technical Committee will operate under the Royalty Free on RAND Terms mode, as defined by the OASIS Intellectual Property Rights Policy. As with all OASIS projects, archives of the Committee's work will be accessible to both members and non-members, and OASIS will host an open mail list for public comment.

Support for WS-Federation

AmberPoint
"The success of the next generation of SOA deployments will be contingent on the ability to securely share identity information among cooperating enterprises. WS-Federation is a key component to defining solutions that enable business processes to securely span enterprise boundaries, while meeting regulatory requirements and keeping sensitive data in the proper hands. We're glad for the opportunity to bring our expertise to the OASIS WS-Federation Technical Committee and are confident that this effort will be of significant value to our customers and the SOA marketplace in general," said Gene Thurston, security architect, AmberPoint.

BEA Systems
"BEA is enthusiastic about bringing WS-Federation to an open standards organization. There is an opportunity to align it with other, related security technology standards, which can advance the progress of Web Services and help enable the development of flexible, agile and highly interoperable SOA solutions," said Hal Lockhart, Office of the CTO, BEA Systems.

BMC Software
"Standardization of WS-Federation is the next logical step following the recent OASIS approval of WS-Trust and WS-SecureConversation, and the progress being made on WS-SecurityPolicy. We believe WS-Federation as an OASIS Standard will be a key part of our customer's Business Service Management infrastructure, and it has already seen widespread adoption," said Jeff Bohren, Software Architect, BMC Software.

CA
"Leveraging WS-Federation helps enable dynamic business-to-business relationships by bridging identity and security across Web services. The work of the OASIS Technical Committee will therefore be of significant benefit to both CA customers and global commerce as a whole," said Andy Rappaport, architect for identity and access management at CA.

IBM
"Working with our customers, IBM recognized early that security is a key component for Web services deployments. With WS-Federation, we complete the Web Services Security Roadmap which includes WS-Security, WS-Trust, WS-Secure Conversation and WS-Security Policy. IBM has already included early versions of this capability in our products, as have others, to enable customers to develop applications using Web services to assure authorized access to key resources across security boundaries whether within an enterprise or between companies or governments. We look forward to working with OASIS on the next steps towards making WS-Federation a standard," said Karla Norsworthy, vice president, IBM software standards.

Microsoft
"Microsoft is pleased to see a Technical Committee formed to support the process in ratifying WS-Federation. WS-Federation extends WS-Trust to provide a flexible federated identity architecture with clean separation between trust mechanisms, security token formats, and the protocol for obtaining tokens. Federations built on this architecture can address the identity requirements of both Web applications and Web services," said Don Schmidt, Principal Program Manager in the Connected Systems Division at Microsoft.

Red Hat
"Red Hat is pleased to support WS-Federation and sees it as an important missing piece in the WS-* architecture. Standardization in this area is of critical importance," said Dr. Mark Little, Director of Standards for Red Hat.

SOA Software
"WS-Federation will be an important specification to enable inter-company secure Web services transactions. As a leading provider of security mediation solutions for SOA and Web services, SOA Software believes that WS-Federation and related standards will simplify the deployment and integration of our solutions for large enterprises," said Alistair Farquharson, chief technology officer of SOA Software.

Additional information:

OASIS WS-Federation Technical Committee:
http://www.oasis-open.org/committees/wsfed/

About OASIS:

OASIS (Organization for the Advancement of Structured Information Standards) is a not-for-profit, international consortium that drives the development, convergence, and adoption of e-business standards. Members themselves set the OASIS technical agenda, using a lightweight, open process expressly designed to promote industry consensus and unite disparate efforts. The consortium produces open standards for Web services, security, e-business, and standardization efforts in the public sector and for application-specific markets. Founded in 1993, OASIS has more than 5,000 participants representing over 600 organizations and individual members in 100 countries. http://www.oasis-open.org

Press contact:
Carol Geyer
OASIS Director of Communications
carol.geyer@oasis-open.org
+1.978.667.5115 x209 (office)
+1.941.284.0403 (mobile)