Sun pushes for Liberty

Nearly two months after announcing its Identity Management platform, Sun Microsystems Inc. made a stop in Toronto on Monday to recruit members for the Liberty Alliance group, and explain the need for a new way to handle user identity over the Internet.

The Liberty Alliance is a group of vendors and end user organizations who are attempting to create specifications for single sign-on for both electronic commerce and Web services. Version 1.0 of the architecture is based on open standards such as security assertion markup language (SAML) and Java Authentication and Authorization Service.

Jeff Veis, the senior director, Sun One Business Alliance, said the cost to become a sponsor with Liberty is US$10,000 per month and US$1,000 per month as an associate. He argued in favour of a federated system because it would allow for authentication to happen in a co-operative way. He added that unlike traditional CRM, where data is collected but never shared, in the federated system, the consumer or end user is aware that the data is being collected and shared with consent over the Internet. It is a system that fosters accountability to the service provider and users alike.

“But it’s about making sure the identity that is shared is only about you. So even if you get spam your identity provider is accountable for that,” he said.

The previously announced Sun One platform for Identity Management is aimed at creating standards and providing a way to manage user identities across the Web. The offering includes software, hardware and services, and has been updated with Liberty-enabled Sun One and Identity Server 6 and Directory Server 5.2.

While the membership count in the Liberty Alliance continues to grow, Bell Canada Enterprises (BCE) joined last fall. BCE has been active on the marketing, promotion and in the development of the technology specs. And although Veis pitched greater involvement to Canadian companies, BCE is currently one of but a few organizations that are involved. A BCE spokesperson said while it was “not the perfect simple spec,” the company is looking to see if the system can fit with existing systems.

“We’re looking at the spec to see how it fits in with our own design and deployment. Our interest is to ensure interoperability with authentication systems that we have internally and externally. We’re optimistic that we can deploy going forward,” said Norm Silins, general manager, next generation services in Toronto.

BCE can be reached at

Sun Microsystems is at