Liberty Alliance update steps up security

Group releases second version of its Web services standard for checking identity, opening it up to specs from OASIS and others.

Dawn Kawamoto
Dawn Kawamoto Former Staff writer, CNET News
Dawn Kawamoto covered enterprise security and financial news relating to technology for CNET News.
2 min read
The Liberty Alliance has released the second version of its standards for identity verification for Web services.

The Internet security consortium said on Friday that the public draft release of ID-WSF 2.0 extends its technical specifications to include support for SAML 2.0, the second version of Security Assertion Markup Language. The update aims to make it easier to communicate identity information with software based on other, open Web services standards, such as those from OASIS.

"Successful identity management has become a critical factor in application development and the necessary foundation for deploying all Web services," George Goodman, president of Liberty Alliance's management board, said in a statement.

"These specifications provide a blueprint for driving convergence between federated identity and Web services specifications," he said.

The Liberty Alliance, a group of more than 150 companies, nonprofit and government organizations, is dedicated to developing technology to check the identity of someone signing into a Web site. The federated standard would also enable customers to use a single sign-on for all member providers, so that they wouldn't have to type in credit card details, for example, each time they visit a different online store. Microsoft's competing authentication system, Passport, has recently taken a couple of dents.

The WSF 2.0 specifications are the first step in a three-phase project that is expected to be completed by the end of the year.

Among other goals, the project aims to enable consumers to subscribe to automatic notices of changes from Web services providers. It also lets people create a list of friends they want to hook up with online.