Ads by TechWords

See your link here
Receive the latest technology news and information.
Security
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
Cloud Computing
View all newsletters




Privacy Policy
 

Alliance Launches Effort to Link Authentication Tools

November 14, 2005 12:00 PM ET

Computerworld - The Liberty Alliance Project, a consortium of companies that's working on federated identity management standards, last week announced the creation of a group that will focus on developing interoperability specifications for so-called strong authentication tools.


The Strong Authentication Expert Group (SAEG) includes American Express Co., Financial Services Technology Consortium Inc. (FSTC), Oracle Corp., VeriSign Inc. and the Defense Manpower Data Center within the U.S. Department of Defense.


Roger Sullivan, a Liberty Alliance board member, said the new group will try to speed up the development of strong authentication interoperability standards, specifically for federated networks where end users can use one set of identity credentials to gain access to multiple network domains.


But Sullivan, who is a vice president of business development at Oracle, added that "the principles of what we are discussing" could also be applied in network environments that aren't federated.


For that reason, the initiative should be relevant to the retail banking industry, said Jim Salters, director of technology development and business initiatives at the New York-based FSTC. He noted that banks face a deadline of Dec. 31, 2006, for implementing stronger processes for authenticating online customers under guidelines issued last month by the Federal Financial Institutions Examination Council.


The SAEG's Identity Strong Authentication Framework will be designed to enable technologies such as smart cards, tokens and biometric tools to interoperate across organizations, networks and vertical market segments. The first draft of the framework, which is referred to informally as ID-Safe, is expected to be completed by mid-2006.


Meanwhile, the FSTC is developing its own set of guidelines and standards for improving mutual authentication processes between banks and online customers.


The blueprint for mutual authentication is being developed by a 25-member group, including representatives from eight of the top 10 banks in the U.S., Salters said. He added that the goal is to make it easier for financial institutions to deploy strong authentication technologies and for consumers to adopt them.


The process brings financial institutions together "to discuss the commonalities that need to be in place for deploying stronger authentication," Salters said.


An initial set of specifications is due in next year's first quarter. The FSTC will also create a list of the interoperability and technology features that the financial industry needs to work on or provide to IT vendors, Salters said.


Another group working toward similar goals is the Initiative for Open Authentication, or Oath, which has a membership made up largely of IT vendors. Oath is developing interoperability standards and a reference architecture to foster the adoption of stronger authentication technologies.



Jump to comments

Security

Additional Resources

Xerox
By using solid ink technology only from Xerox, you could save up to 65% by printing color for the cost of black and white. Enter for a chance to WIN a PhaserTM 8860 network color printer!
Microsoft
Save time and mitigate security risk. Deploy it now.
Sybase
In this white paper, IDC analyzes the role of next-generation mobile enterprise platforms as organizations seek a more strategic deployment of mobile solutions.

Learn the important issues you must consider before starting your next mobility initiative. Get your mobility white paper from IDC now, compliments of Sybase.

White Papers & Webcasts

Share our Strength
Download Now  

Managing Secure File Transfer to Save Time, Money and IT Resources
Learn how companies are using innovative technology to overcome these challenges and improve user productivity by offloading e-mail attachments and replacing FTP with...

Security Convergence Equals Network Security Cost Savings
Listen to IBM Internet Security Systems' take on network security convergence.

Disaster Recovery 2008: Reduced Costs and Improved Performance
How long can your Enterprise afford to be without your data? With an accelerated disaster recovery program, you never have to answer this...