OATH Releases Major Update to Open Authentication Reference Architecture.Initiative for Open AuTHentication Initiative for Open Authentication (OATH) is an industry-wide collaboration to develop an open reference architecture using open standards to promote the adoption of strong authentication. (OATH)'s New v2.0 Reference Architecture Forms Basis for Industry Backed Standards for Open Authentication (1) Verifying the integrity of a transmitted message. See message integrity, e-mail authentication and MAC. (2) Verifying the identity of a user logging into a network. WASHINGTON CROSSING Washington Crossing may refer to:
This significantly updated document reflects the current state-of-the-art of strong authentication technology and also sets the vision for the future. It provides a strong foundation for OATH member companies and their customers towards a comprehensive open and industry-endorsed technology solution for strong authentication. The document also sets a high-level technical roadmap for OATH members, by helping identify key gaps and develop industry-wide standards to address them. The Reference Architecture includes two key new concepts that will help in wider adoption and expansion of strong authentication technology. The updated Reference Architecture promotes a vision of risk-based strong authentication where a risk level is assessed for each transaction and the appropriate level of strong authentication is used. It also presents several models for the sharing of strong authentication credentials across organizations and networks. This includes leveraging existing federated identity In information technology, federated identity has two general meanings:
"The delivery of this new Reference Architecture document represents thousands of hours spent with OATH member companies as well as significant research into the successful implementation of OATH-derived technologies with our member's customer-sites. This has resulted in a much stronger reference architecture for developing industry-backed standards for open authentication," said Siddharth Bajaj, OATH Joint Coordination Committee (JCC JCC Jewish Community Center JCC Jackson Community College JCC Jefferson Community College JCC Joint Consultative Committee JCC Jamestown Community College (Olean and Jamestown, New York) JCC Johnston Community College ) Chair and principal in the Innovation Group of VeriSign, Inc. "I am particularly pleased with how OATH member companies were generous with time provided for their key technology personnel to contribute to this Reference Architecture in a very meaningful way." The document is a must-read for decision makers and technical architects from OATH member and non-member companies, IT managers and architects from organizations that are considering deploying strong authentication solutions, and other standards organizations that share all, or part, of the OATH vision. The goals for the OATH Reference Architecture v2.0 include: * To establish an open Reference Architecture for strong authentication by leveraging existing open standards Specifications for hardware and software that are developed by a standards organization or a consortium involved in supporting a standard. Available to the public for developing compliant products, open standards imply "open systems;" that an existing component in a system can be replaced and leading standardization efforts in well-established technical standards bodies Following are some of the standards bodies defined in this database. For Windows users of CDE, look up Lessons/Review/Associations. For Web users of CDE's online HTML version, review the Lessons list at the bottom of the definition. Organization Covers ANSI U.S. where existing standards are not available. * To propagate device credentials, strong authentication algorithms and software to many network end-points, such as desktop computers, servers, switches, WiFi access points and set-top boxes. * To propagate low-cost, multi-function authentication devices like tokens and smart cards Example of widely used contactless smart cards are Hong Kong's Octopus card, Paris' Calypso/Navigo card and Lisbon' LisboaViva card, which predate the ISO/IEC 14443 standard. The following tables list smart cards used for public transportation and other electronic purse applications. . * To transform today's mobile devices, such as mobile phones, PDAs and laptops, into strong authentication devices. * To build upon well-established infrastructure components, such as directories and RADIUS servers This is a list of notable RADIUS server implementations. Open source / free software
* To facilitate native support for strong device and user authentication See authentication. on application and identity management platforms. * To enable sharing of strong authentication tokens and credentials across organizations and networks. To leverage emerging user-centric identity technologies and federated identity protocols as powerful propagation and sharing mechanisms for strong authentication. * To promote a vision of risk-based strong authentication where the authentication level is adjusted commensurate with the perceived risk of each transaction. To enable better evaluation of risk across organizations by enabling sharing of fraud patterns and other related information. * To increase the number of packaged applications (such as enterprise resource planning See ERP. (application, business) Enterprise Resource Planning - (ERP) Any software system designed to support and automate the business processes of medium and large businesses. (ERP (Enterprise Resource Planning) An integrated information system that serves all departments within an enterprise. Evolving out of the manufacturing industry, ERP implies the use of packaged software rather than proprietary software written by or for one customer. ), material requirements planning (application) Material Requirements Planning - (MRP) A system for effectively managing material requirements in a manufacturing process. Information systems have long been an important part of the manufacturing environment. (MRP (Material Requirements Planning) An information system that determines what assemblies must be built and what materials must be procured in order to build a unit of equipment by a certain date. ) and customer relationship management (CRM (Customer Relationship Management) An integrated information system that is used to plan, schedule and control the presales and postsales activities in an organization. ) applications) that support strong authentication, by providing a standard interface for management and verification of strong authentication credentials. * To enable best-of-breed solutions through interoperable components. The OATH Reference Architecture v2.0 is jointly defined and published by key industry partners that share the vision of universal strong authentication. OATH member companies believe that by laying the groundwork for ubiquity Ubiquity See also Omnipresence. Burma-Shave their signs seen as “verses of the wayside throughout America.” [Am. Commerce and Folklore: Misc. , integration and interoperability, an open architecture can reduce the risk and complexity of deploying strong authentication products. Lowered risks and costs will drive adoption in enterprises, service providers and governments around the World. By making strong authentication for all users and all devices part of the network fabric, the entire user community will benefit. Increasing trust in the network end-points will make new types of secure interactions possible. The updated version of the document includes five areas of focus including the new area of risk evaluation framework. These are - client framework, validation framework, risk evaluation framework, client provisioning and management framework, and common data model. The document identifies key gaps that exist today in each of these areas thereby setting the roadmap for the organization. The Reference Architecture document is free and available to interested organizations at http://www.openauthentication.org/reg.asp. About the Initiative for Open AuTHentication The Initiative for Open AuTHentication (OATH) is the industry's leading collaboration of device, platform and application companies, and end user customers of authentication technologies. OATH participants hope to foster use of strong authentication across networks, devices and applications. OATH participants work collectively to facilitate standards and build reference architecture for open authentication while evangelizing the benefits of strong interoperable authentication in a networked world. As OATH grows, the organization is actively seeking feedback and technology contributions from end-user participants who share a common vision for open authentication technology and the products that provide this important measure of security. OATH is dedicated to helping customers reduce the cost and complexity of deploying strong authentication within enterprises, and across the Internet. Since its formation three years ago, OATH's membership includes security industry leaders from token manufacturers, platform vendors, smartcard providers, and security services Security services are state institutions for the provision of intelligence, primarily of a strategic nature, but also including protective security intelligence. Examples include the Security Service (MI5) and the Secret Intelligence Service (MI6) in the United Kingdom, and the companies. End user companies are joining OATH to add their voice and ideas towards the goal of open authentication. To join OATH and to see a list of its current membership, go to: http://www.openauthentication.org/membership.asp. To learn more about OATH, e-mail info@openauthentication.org or visit http://www.openauthentication.org. |
|
||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion