[Debian-OASIS] Fwd: [announce] OASIS SAML Interop Lab Demonstrates Single Sign-On for GSA E-Gov's E-Authentication Initiative

Mark Johnson mrj@debian.org
Thu, 29 Apr 2004 17:45:53 -0400 

----- Forwarded message from Carol Geyer <carol.geyer@oasis-open.org> -----
    Date: Wed, 25 Feb 2004 12:03:56 -0500
    From: Carol Geyer <carol.geyer@oasis-open.org>
Reply-To: Carol Geyer <carol.geyer@oasis-open.org>
 Subject: [announce] OASIS SAML Interop Lab Demonstrates Single Sign-On for GSA
E-Gov's E-Authentication Initiative
      To: announce@lists.oasis-open.org

OASIS SAML Interoperability Lab Demonstrates Single Sign-On for GSA E-Gov's
E-Authentication Initiative

Computer Associates, DataPower Technology, Entrust, Hewlett-Packard, Oblix,
OpenNetwork, RSA Security, Sun Microsystems, and Others Showcase
Authentication and Authorization Standard at RSA Conference

San Francisco, CA, USA; 2004 RSA Conference; 25 February 2004 -- Eleven
vendors teamed with the U.S. General Service Administration (GSA) E-Gov
E-Authentication Initiative to demonstrate interoperability of the Security
Assertion Markup Language (SAML), an OASIS Standard for the exchange of
authentication and authorization information. For the first time ever,
members of the OASIS Security Services Technical Committee demonstrated both
types of SAML version 1.1 Single Sign-On, along with additional scenarios
that highlight SAML's flexibility.

The OASIS SAML Interoperability Lab, sponsored by GSA, hosted by RSA
Security, and co-sponsored by Sun Microsystems, used three separate
scenarios to simulate interaction between a government or enterprise portal
and sites from typical content or service providers.

The GSA E-Authentication Initiative is committed to delivering open
standards-based authentication solutions to U.S. government agencies.
Currently, E-Authentication is working with products that are interoperable
using the SAML 1.0 protocol. According to Steve Timchak, E-Authentication
Program Manager, "Interoperability among products is a key to the federated
approach adopted by the E-Authentication Initiative. Additional protocols
will emerge and become viable standards in the E-Authentication environment
as federated authentication evolves. Sponsoring the SAML 1.1
Interoperability Lab is part of E-Authentication's commitment to this
evolution."

"We have validated SAML's strong traction in the marketplace in several
reports this year and in work with our client base, estimating it is in use
at between 100 and 200 organizations worldwide," said Dan Blum, Senior Vice
President and Research Director, Burton Group. "SAML is a proven standard
offering implementers opportunities for productivity gains, cost savings,
risk transference, or competitive advantage. Additional work on nailing down
interoperability will enhance SAML's value to customers, and we are pleased
to see 11 vendors participate in the RSA Conference interoperability event."

"SAML 1.1 succeeds in establishing a basis for federated identity, an
environment where attention to interoperability is imperative," said Robert
Philpott of RSA Security, co-chair of the OASIS Security Services Technical
Committee. Philpott, together with fellow co-chair, Prateek Mishra of
Netegrity, pointed to SAML adoption by Liberty Alliance, the Internet2/MACE
Shibboleth project, and OASIS WS-Security, as signs of widespread
implementation in the industry.


Vendors Collaborate on SAML Interoperability

Computer Associates
"As organizations continue to move more business transactions online, the
importance of the SAML standard grows exponentially. Computer Associates
embraces open standards, and we are fully committed to delivering security
management solutions built upon these standards to empower secure federated
identity management. New standards such as SAML, Liberty, and SPML allow
organizations to securely provision, validate, and pass identity and
authorization information, thereby reducing end-user management costs while
enhancing the support and deployment of Web services," said Gavenraj Sodhi,
product manager for eTrust Security Management solutions at CA. 

Entrust
"Our participation in the OASIS SAML Interoperability Lab showcases our
ongoing commitment to the advancement of open standards as well as our
support for the US Federal Government E-Authentication initiative," said
Chris Voice, vice-president, Secure Identity Management Solutions, Entrust,
Inc. "SAML interoperability is key to enabling business and government to
extend application architectures and leverage the efficiencies of broad
single sign-on in a federated environment."

Oblix
"Oblix is completely dedicated to interoperability between systems," said
Prakash Ramamurthy, vice president of products & technology, Oblix. "Oblix
has both endorsed and invested in open standards such as SPML and SAML, and
drove the industry's first and most robust deployment using the SAML
specification. Customers benefit the most from products that adhere to open
standards, and we support that model as the only cost-effective way to
connect people, resources and systems."

OpenNetwork
"This event validates the value of industry standards such as SAML and their
importance to achieving better interoperability among disparate platforms
and across company borders. We're able to show with more clarity than ever
before how an enterprise can extend its reach safely, quickly and
cost-effectively without having to abandon its existing infrastructure
investments," said Bob Worner, vice president of engineering at OpenNetwork.


RSA Security
"The new business opportunities and cost savings that SAML enables are
driving its rapid acceptance as a standard among software vendors and
enterprise customers," said Jason Lewis, vice president of product
management and marketing at RSA Security. "Having contributed technology to
the initial SAML effort and being one of the first to offer a solution that
supports the current version, SAML 1.1, RSA Security is pleased to be a part
of the value that it is creating."


About OASIS

OASIS (Organization for the Advancement of Structured Information Standards)
is a not-for-profit, global consortium that drives the development,
convergence, and adoption of e-business standards. Members themselves set
the OASIS technical agenda, using a lightweight, open process expressly
designed to promote industry consensus and unite disparate efforts. OASIS
produces worldwide standards for security, Web services, conformance,
business transactions, electronic publishing, topic maps and
interoperability within and between marketplaces. Founded in 1993, OASIS has
more than 2,500 participants representing over 600 organizations and
individual members in 100 countries. http://www.oasis-open.org


Additional information:

OASIS Security Services Technical Committee
http://www.oasis-open.org/committees/security

GSA eAuthentication Program
http://cio.gov/eauthentication



Press contact:
Carol Geyer
Director of Communications
OASIS
carol.geyer@oasis-open.org
+1.978.667.5115 x209



To unsubscribe from this mailing list (and be removed from the roster of the
OASIS TC), go to
http://www.oasis-open.org/apps/org/workgroup/announce/members/leave_workgroup.php.

----- End forwarded message -----



____________________________________________________________
Mark Johnson      <mrj@debian.org>
Debian XML/SGML:  <http://debian-xml-sgml.alioth.debian.org>
Home Page:        <http://dulug.duke.edu/~mark/>
GPG fp: DBEA FA3C C46A 70B5 F120  568B 89D5 4F61 C07D E242