CGIDir Wednesday, June 14, 2006; 05:21 AM
Novell announced the creation of Bandit, an open
source project with a charter to unify disparate identity systems and
provide a consistent approach to securing and managing identity. The
identity services in development by the Bandit community are open
source and will work with existing industry standards such as WS- * and
Liberty Federation, and open source projects including Eclipse Higgins. Novell has already contributed engineering resources and
code to jump start this effort. Ultimately, the goal of the Bandit
project is to provide organizations with a consistent approach to
enterprise identity management challenges such as secure, role-based
access and regulatory compliance reporting.
"The Bandit project
is looking to address one of the toughest challenges in identity
management today -- provide a consistent approach to securing and
managing identity,” said Mike Neuenschwander, vice president and
research director for the Burton Group. “The creation of identity
services that abstract the complexity of identity systems and that are
interoperable and freely available is a worthwhile goal and represents
an important inflection point in the ongoing development of the
identity management market.”
While many organizations deploy
identity management technologies today, disparate vendor solutions can
create complexity and potentially slow adoption. By developing an open
source enablement layer, Novell and the Bandit community will make it
possible to standardize identity management across differing systems
and resources. Bandit's freely available code can then be overlayed on
an existing identity management system.
The Bandit project is
focused on delivering a single, consistent experience of digital
identity and includes several common identity services such as
authentication, roles, policy and compliance:
* The Common
Authentication Services Adapter (CASA) provides interoperable
authentication that enables application and enterprise single sign-on
with a secure vault for user and system credentials. * The Common Identity service is an implementation of the Higgins framework for representing digital identity.
* The Role Engine service can be integrated into any application to
consistently calculate role information and unify authorization across
systems. * The Audit Record Framework service provides an open
auditing and compliance API and receives audit records from Bandit's
open identity services and other applications to provide common
identity and event information to verify security and compliance.
Novell
already incorporates some of Bandit's open identity services within its
SUSE Linux distribution and plans to include Bandit's identity
services in future releases of other products. Novell will continue to
support the Bandit project with substantial engineering resources and
will maintain the project while the Bandit community grows.
“The
Bandit project was created in response to our customers' need to reduce
the complexity of identity management in the enterprise,” said Jeff
Jaffe, executive vice president and chief technology officer for
Novell. “The industry needs to come together and deliver common
identity services that provide a consistent experience, regardless of
the underlying infrastructure. Novell's initial sponsorship of the
Bandit project is a natural extension of our leadership in both
identity and open source, and we are gratified to see the groundswell
of community support.”
|