Search This Blog

Tuesday, November 27, 2007

GSA Signs On With SAML

The government's push toward E-Authentication and federated identity
management has given a boost to the Security Assertion Markup Language
(SAML). Federal program managers say the government's pioneering
interoperability testing program for the E-Authentication Federated
Identity and Authentication Initiative has helped drive standard
implementations of the protocol in identity management products. The
E-Authentication program, established in 2002, was using SAML 1.0 as
the protocol for user authentication when it first went live in 2005.
In September the program adopted SAML 2.0, and the General Services
Administration announced it was turning interoperability testing over
to the Liberty Alliance Project. That project, a coalition of 160
industry, nonprofit and government organizations including GSA and the
Defense Department, sponsors standards development for federated identity
management. E-Authentication Solutions forms part of the administration's
e-government initiative. "The purpose is to provide credentialing
services for outward-facing government applications on the Web," said
Tom Kireilis, GSA's acting program executive. The E-Authentication
program provides Assurance Level 1 and 2 credentials, which can be a
user ID and password. Program leaders seek to build a system that would
allow users to sign on across many applications using a single set of
credentials. In addition to the domestic program, several other national
governments are deploying SAML 2.0-based applications to enable
identity-based access. Use of a common standard could allow federated
identity access controls across multiple enterprises. More Information See also the announcement: Click Here

No comments: