The Liberty Alliance is working hard to dispel the perceptions that it is a paper tiger challenging Microsoft Corp.s Passport software.
Both Microsoft and the identity consortium, which is backed by a Microsoft rival, Sun Microsystems Inc., are seeking to develop ways for consumers to use a single password and sign-on routine to gain access to multiple Web sites.
But the Liberty Alliance was greeted with a good deal of skepticism when it announced its formation in September with 33 charter members, including Bank of America Corp. Observers questioned whether it could challenge Microsoft, which had already launched Passport.
Since then the group has attracted some major new members, including American Express Co., MasterCard International, and AOL Time Warner Inc., and it is expected to announce a new bank member soon.
And Jonathan Schwartz, the chief strategy officer at Sun, of Santa Clara, Calif., promised that Liberty Alliance members would have single sign-on software available immediately once the participants approve baseline technical standards. A vote on the standards will probably occur in May or June, he said.
The software would connect areas of the Internet that previously were locked off from one another by individual sign-ons, Mr. Schwartz said. In the beginning the capability will be fairly limited users will be able to access a bank brokerage account and a checking account, or go from the banks site to check an airline frequent-flyer account, without having to sign on twice.
Youre now beginning to build a much more diverse set of relationships based on your fundamental relationship with the customer, Mr. Schwartz said in an interview during this months World Economic Forum in New York. And thats only the first of many services.
The groups plan to develop standards so quickly surprised some observers. If it happens, it will be quicker than most people expected when they announced it in the fall, said Dwight Davis, a vice president at Summit Strategies Inc., a Boston-based technology research firm.
The addition of AOL Time Warner to the consortium also promises to deliver a critical mass of users for the sign-on software in a short time, Mr. Davis said.
The company could equip its America Online unit, the worlds largest Internet access provider, with more than 32 million subscribers, with a Liberty-compliant sign-on, much the way Microsoft gave Passport a kickstart by using it in the sign-on for its HotMail e-mail service, he said.
Even Sun said it was surprised by the markets receptivity toward the identity federation. With Liberty, we got more traction than any of us expected, Mr. Schwartz said.
The name recognition and market clout of the federations members also raises hope among the participants that the group can serve as a practical alternative to Passport, which some competitors had feared would become a Microsoft monopoly.
Mr. Schwartz said the goal is not to establish a new technical standard this is not about creating a new Passport but rather to enable the most basic interoperability to allow existing standards to interact.
As an example of such standards, he pointed to frequent-flyer programs. Right now United has to adopt a specific set of standards that allow you only to connect via America Online.
Once the alliance members vote this spring on a technical specification so different computer systems can recognize user names and passwords from other systems, Sun will have an implementation of the spec the day it is released, Mr. Schwartz said.
The initial benefit for many large organizations probably will be in simplifying access to disparate internal systems, he said for instance, a financial conglomerate could make it easier for customers to check their checking and brokerage accounts.
A few technologically ambitious banking companies, including Wells Fargo & Co. of San Francisco, have tackled this issue on their own, but completing such a complex programming project in-house remains a daunting challenge, Mr. Schwartz said. Liberty will allow anybody to have single sign-on within their walled garden.
The more complex problem for participating businesses will come in deciding whether to accept log-ins from others. He again used the example of the United frequent-flyer accounts, which many people have but few access online. An airline may be willing to accept an AOL log-in, or any number of others, to validate a users identity, while a bank would demand stronger proof before allowing access to a checking account, he said.
The question of which outside sign-ons to accept is a decision every business is going to have to make for themselves, and Sun will not make it for them, Mr. Schwartz said.
But Mr. Davis of Summit Strategies said the problem facing the Liberty Alliance was not whether it could define a technological baseline this is not an overly complex area to establish a specification in but rather whether it could design a specification that is firm enough so that people can write to it.
As a single company promoting a single technology, Microsoft still has an advantage over the consortium, because Microsoft can certify whether code written by others complies with the standard, Mr. Davis said. Two different vendors writing software to the Liberty specification may come up with two sets of code that are both compliant with the specification but cannot interact with each other, he warned.
Mr. Davis also raised the possibility of Microsoft joining the Liberty Alliance, or at least working with the consortium to ensure that Passport is compatible with the Liberty Alliance members software. He noted that Microsoft has announced plans to adopt the Kerberos network-security standard a nonproprietary, open standard for Passport.
Microsoft is going to want a market where everybody can interoperate, he said. The services that are sold on top of the infrastructure is where the money is, not in the infrastructure itself.
From Our Archive
