While some U.S. universities have been using Shibboleth since 2003, adoption of the system grew rapidly in 2005. It's now used at 500-plus sites worldwide, including educational systems in Australia, Belgium, England, Finland, Denmark, Germany, Switzerland, and the Netherlands; even institutions in China are signing on. Also in late 2005, Internet2 announced Shibboleth's interoperability with a Microsoft security infrastructure called the Active Directory Federation Service. Critically, the system is moving into the private sector, too. The science and medical division of research publishing conglomerate Reed Elsevier has begun granting university-based subscribers access to its online resources through Shibboleth, rather than requiring separate, Elsevier-specific logins. And Cantor has forged ties with the Liberty Alliance, a consortium of more than 150 companies and other institutions dedicated to creating shared identity and authentication systems. With Cantor's help, the alliance, which includes companies such as AOL, Bank of America, IBM, and Fidelity Investments, is basing the design of its authentication systems on a common standard known as SAML. The alliance, Cantor says, was "wrestling with lots of the same hard questions that we were, and we were starting to play in the same kind of territories. Now there is a common foundation....we're trying to make it ubiquitous." With technical barriers overcome, the companies can now roll out systems as their business needs dictate. Of course, Cantor is not the only researcher, nor Shibboleth the only technology, in the field of Internet authentication. In 1999, for instance, Microsoft launched its Passport system, which let Windows users access any participating website using their e-mail addresses and passwords. Passport, however, encountered a range of security and privacy problems. But thanks to the efforts of the Shibboleth team and the Liberty Alliance, Web surfers could start accessing multiple sites with a single login in the next year or so, as companies begin rolling out interoperable authentication systems. OTHER PLAYERS Stefan Brands -- Cryptology, identity management, and authentication technologies Kim Cameron -- "InfoCard" system to manage and employ a range of digital identity information Robert Morgan -- "Person registry" that gathers identity data from source systems; scalable authentication infrastructure Tony Nadalin -- Personal-identity software platform Home page image courtesy of Bryan Christie Design. |
Audio »
Share »
Digg this
Add to del.icio.us
Add to Reddit
Add to Facebook
Slashdot It!
Stumble It!
Add to Newsvine
Add to Connotea
Add to CiteUlike
Add to Furl
Googlize this
Add to Rojo
Add to MyWeb
Favorite
Print
E-mail
Fingerprinting Your Files
08/04/2004
Massachusetts Institute of Technology
Comments
Guest (chuan) on 04/27/2006 at 12:00 AM
1
Single sign-on means that losing your password will have greater implication than before. Is there any way of overcome this problem ?
Guest (Scott Cantor) on 04/27/2006 at 12:00 AM
1
Guest (farang) on 05/01/2006 at 12:00 AM
1
Guest (Will Norris) on 05/22/2006 at 12:00 AM
1
Guest (threemallards) on 05/15/2006 at 12:00 AM
1
Guest (Gurudatt Shenoy) on 08/04/2006 at 12:00 AM
1
OsamaBinLaden on 11/11/2006 at 9:40 PM
1