The Liberty Alliance Project was an organization formed in September 2001 to establish standards, guidelines and best practices for

identity management Identity and access management (IAM or IdAM) or Identity management (IdM), is a framework of policies and technologies to ensure that the right users (that are part of the ecosystem connected to or within an enterprise) have the appropriate acce ...

in computer systems. It grew to more than 150 organizations, including technology vendors, consumer-facing companies, educational organizations and governments. It released frameworks for federation, identity assurance, an Identity Governance Framework, and Identity Web Services. By 2009, the Kantara Initiative took over the work of the Liberty Alliance.

History

The group was originally conceived and named by Jeff Veis, at

Sun Microsystems Sun Microsystems, Inc., often known as Sun for short, was an American technology company that existed from 1982 to 2010 which developed and sold computers, computer components, software, and information technology services. Sun contributed sig ...

based in

Menlo Park, California Menlo Park ( ) is a city at the eastern edge of San Mateo County, California, San Mateo County in the San Francisco Bay Area of California, United States. It is bordered by San Francisco Bay on the north and east; East Palo Alto, California, Eas ...

. The initiative's goal, which was personally promoted by

Scott McNealy Scott McNealy (born November 13, 1954) is an American businessman. He is most famous for co-founding the computer technology company Sun Microsystems in 1982 along with Vinod Khosla, Bill Joy, and Andy Bechtolsheim. In 2004, while still at Sun ...

of Sun, was to unify technology, commercial and government organizations to create a standard for federated, identity-based Internet applications as an alternative to technology appearing in the marketplace controlled by a single entity such as

Microsoft Microsoft Corporation is an American multinational corporation and technology company, technology conglomerate headquartered in Redmond, Washington. Founded in 1975, the company became influential in the History of personal computers#The ear ...

Passport A passport is an official travel document issued by a government that certifies a person's identity and nationality for international travel. A passport allows its bearer to enter and temporarily reside in a foreign country, access local aid ...

. Another Microsoft initiative,

HailStorm Hail is a form of solid precipitation. It is distinct from ice pellets (American English "sleet"), though the two are often confused. It consists of balls or irregular lumps of ice, each of which is called a hailstone. Ice pellets generally fal ...

, was renamed My Services but quietly shelved by April 2002. Sun positioned the group as independent, and Eric C. Dean of

United Airlines United Airlines, Inc. is a Major airlines of the United States, major airline in the United States headquartered in Chicago, Chicago, Illinois that operates an extensive domestic and international route network across the United States and six ...

became its president.

Identity federation

In July 2002, the alliance announced Liberty Identity Federation (ID-FF) 1.0. At that time, several member companies announced upcoming availability of Liberty-enabled products. Liberty Federation allowed consumers and users of Internet-based services and e-commerce applications to authenticate and sign-on to a network or domain once from any device and then visit or take part in services from multiple Websites. This federated approach did not require the user to re-authenticate and can support privacy controls established by the user. The Liberty Alliance subsequently released two more versions of the Identity Federation Framework, and then in November 2003, Liberty contributed its final version of the specification, ID-FF 1.2, to

OASIS In ecology, an oasis (; : oases ) is a fertile area of a desert or semi-desert environment SAML 2.0 Security Assertion Markup Language (SAML) 2.0 is a version of the Security Assertion Markup Language, SAML standard for exchanging authentication and authorization identities between security domains. SAML 2.0 is an XML-based communications ...

. By 2007, industry analyst firm

Gartner Gartner, Inc. is an American research and advisory firm focusing on business and technology topics. Gartner provides its products and services through research reports, conferences, and consulting. Its clients include large corporations, gover ...

claimed that SAML had gained wide acceptance in the community.

Identity web services

Liberty Alliance, releasing the Liberty Identity Web Services Framework (

ID-WSF In computer networking, Identity Web Services Framework is a protocol stack that profiles WS-Security, WS-Addressing, SAML and adds new protocol specifications of its own, such as the Discovery Service, for open market per user service discove ...

) in April 2004 for deploying and managing identity-based web services. Applications included

geolocation Geopositioning is the process of determining or estimating the geographic position of an object or a person. Geopositioning yields a set of Geographic coordinate system, geographic coordinates (such as latitude and longitude) in a given map datum ...

, contact book, calendar, mobile messaging and People Service, for managing social applications such as bookmarks, blogs, calendars, photo sharing and instant messaging in a secure and privacy-respecting federated social network. In a 2008 marketing report recommended considering it for federation.

Certification

The alliance introduced a certification program in 2003, designed to test commercial and open source products against published standards to assure base levels of interoperability between products. In 2007, the US

General Services Administration The General Services Administration (GSA) is an Independent agencies of the United States government, independent agency of the United States government established in 1949 to help manage and support the basic functioning of federal agencies. G ...

began requiring this certification for participating in the US E-Authentication Identity Federation.

Openliberty.org

In January 2007, the alliance announced a project for

open-source software Open-source software (OSS) is Software, computer software that is released under a Open-source license, license in which the copyright holder grants users the rights to use, study, change, and Software distribution, distribute the software an ...

developers building identity-based applications. OpenLiberty.org was a portal where developers can collaborate and access tools and information to develop applications based on alliance standards. In November 2008, OpenLiberty released an open source

application programming interface An application programming interface (API) is a connection between computers or between computer programs. It is a type of software Interface (computing), interface, offering a service to other pieces of software. A document or standard that des ...

called ArisID.

Identity governance framework

In February 2007

Oracle Corporation Oracle Corporation is an American Multinational corporation, multinational computer technology company headquartered in Austin, Texas. Co-founded in 1977 in Santa Clara, California, by Larry Ellison, who remains executive chairman, Oracle was ...

contributed the Identity Governance Framework to the alliance, which released the first version publicly in July 2007. The Identity Governance Framework defined how identity related information is used, stored, and propagated using protocols such as

LDAP The Lightweight Directory Access Protocol (LDAP ) is an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed Directory service, directory information services over an Internet Protocol (IP) networ ...

, Security Assertion Markup Language, WS-Trust, and ID-WSF.

Identity assurance framework

The Liberty Alliance began work on its identity assurance framework in 2008. The Identity Assurance Framework (IAF) detailed four identity assurance levels designed to link trusted identity-enabled enterprise, social networking and Web applications together based on business rules and security risks associated with each level. The four levels of assurance were outlined by a 2006 document from the US

National Institute of Standards and Technology The National Institute of Standards and Technology (NIST) is an agency of the United States Department of Commerce whose mission is to promote American innovation and industrial competitiveness. NIST's activities are organized into Outline of p ...

. The level of assurance provided is measured by the strength and rigor of the identity proofing process, the credential's strength, and the management processes the service provider applies to it. These four assurance levels were adopted by UK, Canada, and USA government services.

Concordia project

In 2007 the Liberty Alliance helped to found the Project Concordia, an independent initiative for harmonization identity specifications. It was active through 2008.

Privacy and policy

The alliance wrote papers on business and policy aspects of identity management. It hosted meetings in 2007 and 2008 to promote itself.

Membership

Management board members included

AOL AOL (formerly a company known as AOL Inc. and originally known as America Online) is an American web portal and online service provider based in New York City, and a brand marketed by Yahoo! Inc. The service traces its history to an online ...

British Telecom BT Group plc (formerly British Telecom) is a British Multinational corporation, multinational telecommunications holding company headquartered in London, England. It has operations in around 180 countries and is the largest provider of fixed-li ...

Computer Associates CA Technologies, Inc., formerly Computer Associates International, Inc., and CA, Inc., was an American multinational enterprise software developer and publisher that existed from 1976 to 2018. CA grew to rank as one of the largest independent ...

(CA),

Fidelity Investments Fidelity Investments, formerly known as Fidelity Management & Research (FMR), owned by FMR LLC and headquartered in Boston, Massachusetts, provides financial services. Established in 1946, the company is one of the largest asset managers in the ...

Intel Intel Corporation is an American multinational corporation and technology company headquartered in Santa Clara, California, and Delaware General Corporation Law, incorporated in Delaware. Intel designs, manufactures, and sells computer compo ...

Internet Society The Internet Society (ISOC) is an American non-profit advocacy organization founded in 1992 with local chapters around the world. It has offices in Reston, Virginia, United States, and Geneva, Switzerland. Organization The Internet Society ...

(ISOC),

Novell Novell, Inc. () was an American software and services company headquartered in Provo, Utah, that existed from 1980 until 2014. Its most significant product was the multi-platform network operating system known as NetWare. Novell technolog ...

Nippon Telegraph and Telephone (NTT) is a Japanese telecommunications holding company headquartered in Tokyo, Japan. Ranked 55th in ''Fortune'' Global 500, NTT is the fourth largest telecommunications company in the world in terms of revenue, as well as the third largest pu ...

(NTT), Vodafone, Oracle Corporation and Sun Microsystems.

References

External links

Liberty Alliance web site
*

Liberty ID-FF 1.2 Archive

As described above

in November 2003. For the record, here is a complete list of contributed ID-FF 1.2 documents: Only the archived PDF files are individually addressable on the Liberty Alliance web site. (The original contributed documents are lost.) To obtain copies of the remaining archived files, download both th
Liberty ID-FF 1.2 archive
and th
Liberty 1.1 support archive
{{authority control Standards organizations in the United States Identity management initiative Organizations established in 2001 Organizations disestablished in 2009 2001 establishments in the United States 2009 disestablishments in the United States