Home / News & Blogs

How Sun is building a stepping-stone to Liberty

Eric Knorr | March 18, 2002 12:00 AM PST

Summary

Eric Knorr says that Sun is on the right track by emphasizing single sign-on for enterprises first--and letting consumer identity services gestate at their own pace.

Topics

Liberty Alliance, Sun Microsystems Inc., iPlanet, Eric Knorr, Directory Services, .Net, Microsoft Windows Active Directory, Authentication/Encryption, Application Servers, Middleware, Security, Enterprise Software, Software, Software Development, Software/Web Development
The .Net My Services and Liberty Alliance consumer identity services seem stuck on the drawing board. In part, that could be because no one has adequately explained why consumers should be thrilled about surrendering so much vital personal information to someone else's server. On the other hand, identity servers for enterprise employees and their business customers make perfect, practical sense.

That's why Sun's announcement last week of the Sun One Platform for Network Identity seems right on target. The Liberty Alliance specification isn't baked yet--and probably won't be until the end of the year--so the hardware/software bundles released by Sun address the complex problem of single-sign-on authentication and security rights for users that are both internal and external to the enterprise right now. There's nothing new here: Basically, the Enterprise and Internet bundles wrap Sun's iPlanet Directory Server software around some Sun hardware and consulting. But it's a solid offering that builds on Sun's success in this area, where iPlanet Directory enjoys 22.8 percent of the market.

Today, internal and external users of enterprise systems may use a half-dozen apps and have a different security profile for each one. Providing a way to manage that centrally--as well as the rights of other companies' systems in B2B relationships--lowers both security risks and administrative costs. If you're an IT manager, this is the stuff that keeps you up at night.

Microsoft has its own Active Directory software for enterprises, but it's more targeted toward network access rights. And the relationship between Active Directory and Passport (the Microsoft authentication mechanism for .Net My Services) has never been clear. Sun's strategy of building from the enterprise out with iPlanet Directory Server seems exactly right, even though the Liberty Alliance spec is months behind that of .Net My Services.

I have no doubt that one day killer apps will emerge that make an identity service irresistible to consumers. Meanwhile, enterprises that implement such schemes for employees and business customers will reap immediate benefit--and by extending infrastructure already in place, be first to cash in when consumers finally join the party.

Have you implemented single sign-on for your enterprise? Are you considering it? Why or why not? E-mail Eric or Talk Back below.

Talkback - Tell Us What You Think

Formatting +
BB Codes - Note: HTML is not supported in forums
  • [b] Bold [/b]
  • [i] Italic [/i]
  • [u] Underline [/u]
  • [s] Strikethrough [/s]
  • [q] "Quote" [/q]
  • [ol][*] 1. Ordered List [/ol]
  • [ul][*] · Unordered List [/ul]
  • [pre] Preformat [/pre]
  • [quote] "Blockquote" [/quote]

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

Facebook Activity