Press Release

OASIS Members Form New Committee to Advance Interoperability Standard for Information Cards

IBM, CA, Microsoft, Nortel, Novell, the US Department of Defense, VeriSign, and Others Collaborate on Personal Digital Identity

Boston, MA, USA; 23 September 2008 — OASIS, the international open standards consortium, has formed a new group to enable the use of Information Cards to universally manage personal digital identities. The OASIS Identity Metasystem Interoperability (IMI) Technical Committee will work to increase the quality and number of interoperable implementations of Information Cards. A rapidly-developing, Web 2.0-friendly method for shared light authentication, Information Cards let people authenticate themselves on multiple web sites without maintaining passwords for each site. Information Cards offer tremendous potential for people to access online services with greater privacy, security, and ease. To realize the full benefits of Information Cards, however, broad interoperability across platforms and services is crucial. The goal of IMI is to provide the interoperability support that will enable Information Card use to become ubiquitous. Each Information Card provides a visual snapshot of a person’s digital identity and a description of the individual’s relationship to the provider that issued the card. A person may have a collection of Information Cards from various providers. Individuals organize their Information Cards through an Identity Selector and choose which card they want to use for each type of online interaction. “IMI will assure the portability of Information Card content by defining a standard method of transferring collections of Information Cards between Identity Selectors,” explained Abbie Barbir of Nortel, convener of the OASIS IMI Technical Committee. “Our work has relevance for many Web 2.0 use cases as well as a host of consumer and corporate applications.” “We’re very excited to have the IMI work advanced through OASIS,” noted James Bryce Clark, director of standards development at OASIS. “The new Committee brings together a truly impressive array of commercial and open source providers in the identity space. They’re putting aside competitive differences in an effort to develop what is essentially a key semantic capability that everybody needs.” IMI will be offered for implementation on a royalty-free basis. Participation in the OASIS IMI Technical Committee remains open to all interested parties. Archives of the work will be accessible to both members and non-members, and OASIS will offer a mechanism for public comment. The first meeting will be held 29 Sept, near London, in conjunction with the OASIS Security Standards Forum. Support for IMI CA “We believe that the formation of the OASIS IMI Technical Committee is a critical step in the evolution and success of a new paradigm. CA recognizes the importance of a user-centric Identity Metasystem and will work with other industry leaders to move this paradigm forward,” said Jeffrey Broberg, Senior Director, Security Product Management at CA. Microsoft “It’s exciting that so many companies and projects have come together to standardize the protocols and data formats for interoperable Information Cards. The OASIS technical committee will build on the substantial interoperability work done within OSIS and apply the lessons learned there. All this will help bring the benefits of claims-based digital identity to enterprises and the Internet, on any platform and on any device,” said Kim Cameron, chief architect of identity at Microsoft. Novell “Information Card systems provide an important advancement to online identity capabilities. Such systems can increase users’ understanding and convenience in online transactions, while giving them better privacy and security. Both Novell and OSIS look forward to working with the IMI Committee to produce open standards that maximize the benefits of Information Card systems,” said Dale Olds, distinguished engineer at Novell and steward of the OSIS working group of Identity Commons. Additional information:

OASIS IMI Technical Committee OASIS Security Forum

About OASIS: OASIS (Organization for the Advancement of Structured Information Standards) drives the development, convergence, and adoption of open standards for the global information society. A not-for-profit consortium, OASIS advances standards for SOA, security, Web services, documents, e-commerce, government and law, localisation, supply chains, XML processing, and other areas of need identified by its members. OASIS open standards offer the potential to lower cost, stimulate innovation, grow global markets, and protect the right of free choice of technology. The consortium has more than 5,000 participants representing over 600 organizations and individual members in 100 countries. http://www.oasis-open.org Press contact: Carol Geyer OASIS Director of Communications carol.geyer@oasis-open.org +1.978.667.5115 x209 (office) +1.941.284.0403 (mobile)