February 15, 2005 (HOSTSEARCH.COM) Computer Associates International today announced that it is adding SAML (Security Assertions Markup Language) 2.0 support to its web access management solution, eTrust SiteMinder.
This will enable eTrust SiteMinder customers to share the authentication of users across security domains and organizations, thereby simplifying secure access to web resources while reducing costs associated with identity and access management. eTrust SiteMinder has supported SAML since it was ratified as an OASIS Standard in 2002.
Developed by the OASIS Security Services Technical Committee, SAML is an XML-based framework for communicating user authentication, entitlement and attribute information to internal or partner organizations. SAML 2.0 builds on the success of SAML 1.x and has adopted many features present in Liberty ID-FF 1.2 and the Internet2's Shibboleth architecture. Providing a unified identity federation standard, it features a variety of technical enhancements, including privacy mechanisms, session management and support for mobile technologies.
"Our Integrated Medical Management solution allows our managed care clients to effectively collaborate with their providers via the Internet. Identity federation is key to the secure and efficient sharing of information," said John H. Capobianco, president and chief marketing officer of MEDecision, Inc., a leader in collaborative care management. "CA's support for standards-based identity federation in eTrust SiteMinder is very valuable as we continue to extend our network of digital business relationships to better serve our customers and further grow our market presence."
CA is demonstrating SAML 2.0 support in eTrust SiteMinder at the RSA Conference, Feb. 16-17, in San Francisco in conjunction with an OASIS- sponsored Interoperability Lab. CA acquired SiteMinder through its acquisition of Netegrity.
"The release of the SAML 2.0 specification represents the next generation for identity federation and will empower distributed global enterprises to realize the full business benefits of standards-based federated identity," said James Bryce Clark, director of standards development for OASIS. "We appreciate CA's commitment to the development and implementation of SAML 2.0, as OASIS works to advance security system interoperability."
In addition to SAML, eTrust SiteMinder supports Liberty Alliance ID-FF and has demonstrated federation interoperability with Microsoft. CA plans to continue to use eTrust SiteMinder as the basis for its future federation offerings.
"SAML-compliant solutions allow IT organizations to integrate Web applications with partner and customer applications, without requiring re- authentication and redundant credential issuance and administration," said Vadim Lander, chief identity and access architect at CA. "CA's eTrust SiteMinder extends these capabilities by seamlessly enabling outsourcing, supply-chain, distribution, and other business initiatives while simultaneously reducing administration, development costs and helpdesk workloads." SAML 2.0 support in eTrust SiteMinder is scheduled to be available this summer.