Identity management for networked and distributed applications continues to
present several unique challenges for users and developers. Protocols such as OpenID and WS-Trust
have emerged as distributed identification protocols to help enable a more
globally available authentication scheme.
Earlier this month, the Eclipse Foundation announced the release of Higgins 1.0. Higgins is a suite of identity management solutions from the Eclipse foundation, created with the intent of simplifying and adding consistency to online authentication. The software infrastructure provided by Higgins is specifically targeted at providing a consistent interaction for users with multiple authentication protocols:
Higgins is not another identity protocol like OpenID, SAML, or WS-Trust; it is a framework that allows software developers to integrate and leverage multiple protocols within their applications. Specific identity protocols, like OpenID, which is very important for solving password management for things like blog, wikis, etc., are popular with specific users for specific use cases; however, the Project Higgins community believes there will continue to be multiple identity protocols used to support differing identity scenarios. Instead of requiring a developer to become proficient in all protocols, they can now use Higgins to gain support for them all.
Higgins is built around the concept of information cards, which are simply visual representations of a digital identity. The various components of Higgins are centered around helping end users interact with information cards, as well as enabling developers to support identity cards as a form of authentication in their respective applications.
There are three components provided by Higgins for enabling information-card authentication:
First, it provides multi-platform “identity selector” applications that end-users can use to sign-in to web sites and systems that are compatible with the emerging user-centric “Information Card”-based (or “i-card”-based) approach to authentication. This approach promises people fewer passwords, more convenience, and better security.
Current end-user solutions available include:
Higgins has received industry support from several companies that provide identity-management solutions including: IBM, Microsoft, and Novell.
Microsoft authored a similar technology to Higgins information cards with Windows CardSpace (initially released in 2006); Higgins identity selector solutions are compatible with CardSpace-enabled applications.
At the Eclipse project page, more information is available regarding Higgins identity solutions, and downloads are available for Higgins 1.0 solutions and components.
Earlier this month, the Eclipse Foundation announced the release of Higgins 1.0. Higgins is a suite of identity management solutions from the Eclipse foundation, created with the intent of simplifying and adding consistency to online authentication. The software infrastructure provided by Higgins is specifically targeted at providing a consistent interaction for users with multiple authentication protocols:
Higgins is not another identity protocol like OpenID, SAML, or WS-Trust; it is a framework that allows software developers to integrate and leverage multiple protocols within their applications. Specific identity protocols, like OpenID, which is very important for solving password management for things like blog, wikis, etc., are popular with specific users for specific use cases; however, the Project Higgins community believes there will continue to be multiple identity protocols used to support differing identity scenarios. Instead of requiring a developer to become proficient in all protocols, they can now use Higgins to gain support for them all.
Higgins is built around the concept of information cards, which are simply visual representations of a digital identity. The various components of Higgins are centered around helping end users interact with information cards, as well as enabling developers to support identity cards as a form of authentication in their respective applications.
There are three components provided by Higgins for enabling information-card authentication:
First, it provides multi-platform “identity selector” applications that end-users can use to sign-in to web sites and systems that are compatible with the emerging user-centric “Information Card”-based (or “i-card”-based) approach to authentication. This approach promises people fewer passwords, more convenience, and better security.
Current end-user solutions available include:
- A GTK/Cocoa selector, which includes a Firefox extension to launch the selection interface when a website requests i-card authentication.
- An Eclipse RCP-based desktop application which supports integration with Internet Explorer 7 to prompt for i-card selection on website request.
- A distributed, embedded Firefox-plugin-based selector -Where-as the first two solutions provide a local registry and selection service for managing information cards, this solution is an early representation of using a remote server to act as a distributed card registry.
- STS IdP - An identity provider solution utilizing WS-Trust.
- SAML2 IdP -An identity provider solution utilizing SAML2
Third, it implements the Higgins Global Graph (HGG) data model and the Higgins Identity Attribute Service (IdAS). Developers now have a framework that provides an interoperability and portability abstraction layer over existing “silos” of identity data. For the first time, IdAS makes it possible to “mash-up” identity and social network data across highly heterogeneous data sources including directories, relational databases, and social networks.
The HGG/IdAS layer of Higgins offers integration opportunities between several identification protocols such as OpenID, WS-Trust, SAML, and LDAP.Higgins has received industry support from several companies that provide identity-management solutions including: IBM, Microsoft, and Novell.
Microsoft authored a similar technology to Higgins information cards with Windows CardSpace (initially released in 2006); Higgins identity selector solutions are compatible with CardSpace-enabled applications.
At the Eclipse project page, more information is available regarding Higgins identity solutions, and downloads are available for Higgins 1.0 solutions and components.