Identity Governance Framework
Encyclopedia
The Identity Governance Framework is a strategic initiative of the Liberty Alliance
that will define a set of standards to help enterprises easily determine and control how identity information is used, stored, and propagated in appropriate and secure ways using protocols such as LDAP, SAML
, and WS-Trust
and ID-WSF.
The policy information is both useful to privacy auditors for assessing the use of identity information in applications and to policy enforcement systems for ensuring that appropriate use of identity information takes place.
For more information, consult the Liberty Alliance IGF Strategic Initiative web site.
An implementation of CARML and IGF Privacy Constraints is available through Project Aristotle, an Apache 2.0 Licensed open source project. Release 1.1 was released December 2009.
In February, 2007, the initiative was transferred to the Liberty Alliance
to take the draft proposal forward and fully develop the standard.
In July, 2007, Liberty announced completion of the Market Requirements Use Case documentation.
In June, 2008, Liberty Alliance announced publication of draft specifications for CARML and Privacy Constraints.
In November, 2008, Project Aristotle announced release 1.0 of the ArisID API implementing the draft specifications for IGF. See project FAQ for more information.
In November, 2009, Liberty Alliance published final specifications of IGF components CARML (Client Attribute Requirements Markup Language) and IGF Privacy Constraints.
In December, 2009, Project Aristotle published ArisID, an implementation of IGF 1.0 release 1.1.
Liberty Alliance
The Liberty Alliance was formed in September 2001 by approximately 30 organizations to establish open standards, guidelines and best practices for identity management...
that will define a set of standards to help enterprises easily determine and control how identity information is used, stored, and propagated in appropriate and secure ways using protocols such as LDAP, SAML
SAML
Security Assertion Markup Language is an XML-based open standard for exchanging authentication and authorization data between security domains, that is, between an identity provider and a service provider...
, and WS-Trust
WS-Trust
WS-Trust is a WS-* specification and OASIS standard that provides extensions to WS-Security, specifically dealing with the issuing, renewing, and validating of security tokens, as well as with ways to establish, assess the presence of, and broker trust relationships between participants in a secure...
and ID-WSF.
Purpose
The Identity Governance Framework (IGF) enables organizations to define policies that regulate and control the exchange of identity information between application systems both internally and with external partners. Identity information may include things like names, addresses, social security numbers or other information that would be otherwise considered related to an individual's identity.The policy information is both useful to privacy auditors for assessing the use of identity information in applications and to policy enforcement systems for ensuring that appropriate use of identity information takes place.
For more information, consult the Liberty Alliance IGF Strategic Initiative web site.
Status
Liberty Alliance published final specifications of IGF components CARML (Client Attribute Requirements Markup Language) and IGF Privacy Constraints in the fall of 2009. Ongoing standards work is now being handled by the Kantara Initiative, LSM Working GroupAn implementation of CARML and IGF Privacy Constraints is available through Project Aristotle, an Apache 2.0 Licensed open source project. Release 1.1 was released December 2009.
History
IGF was originally announced by Oracle in November, 2006 as a joint initiative between CA, HP, Layer 7 Technologies, Novell, Oracle, Ping Identity, Securent, and Sun Microsystems.In February, 2007, the initiative was transferred to the Liberty Alliance
Liberty Alliance
The Liberty Alliance was formed in September 2001 by approximately 30 organizations to establish open standards, guidelines and best practices for identity management...
to take the draft proposal forward and fully develop the standard.
In July, 2007, Liberty announced completion of the Market Requirements Use Case documentation.
In June, 2008, Liberty Alliance announced publication of draft specifications for CARML and Privacy Constraints.
In November, 2008, Project Aristotle announced release 1.0 of the ArisID API implementing the draft specifications for IGF. See project FAQ for more information.
In November, 2009, Liberty Alliance published final specifications of IGF components CARML (Client Attribute Requirements Markup Language) and IGF Privacy Constraints.
In December, 2009, Project Aristotle published ArisID, an implementation of IGF 1.0 release 1.1.
External links
- Liberty Alliance Identity Governance Strategic Initiative
- OpenLiberty Project Aristotle
- Oracle Technology Network IGF Page
Further reading
- Sarbanes-Oxley Compliance Journal - January 3, 2007 - Open Initiative to Help Organizations Govern Identity Information Across Enterprise Applications
- Network World - July 30, 2007 - Identity Governance Framework sprints to the finish line
- Sarbanes-Oxley Compliance Journal - January 24, 2008 - Identity Governance Framework - Liberty Alliance's Initiative Addressing Privacy and SOX
- ZDNet Dana Blankenhorn Blog - November 19, 2008 - Will identity be open source?