Call it what you will -- single sign-on, federated identity, one-stop
authentication -- letting users sign on to the Internet once and securely
access network resources anywhere has been one of the industry's enduring
quests. While numerous standards efforts have steadily pursued this
capability, most have been back-end technologies of which users are
mostly unaware. Periodically, however, something brings these efforts
to the foreground. Recent developments surrounding the open source OpenID
federated-identity technology signal another high-profile period for
single sign-on. But they also raise questions about how to achieve
interoperability between disparate technologies meant for distinctly
different user communities and which of these technologies might be worth
investment
authentication -- letting users sign on to the Internet once and securely
access network resources anywhere has been one of the industry's enduring
quests. While numerous standards efforts have steadily pursued this
capability, most have been back-end technologies of which users are
mostly unaware. Periodically, however, something brings these efforts
to the foreground. Recent developments surrounding the open source OpenID
federated-identity technology signal another high-profile period for
single sign-on. But they also raise questions about how to achieve
interoperability between disparate technologies meant for distinctly
different user communities and which of these technologies might be worth
investment
