March 3, 2006 4:00 AM PST

What's behind open-source ID push?

Big guns IBM and Novell threw their weight behind a previously obscure open-source identity management project this week, leading analysts to wonder: What's in it for those companies?

The two technology heavyweights are backing an initiative code-named Higgins Project, which the companies pitch as an open-source response to Microsoft's forthcoming InfoCard technology. Both Higgins and InfoCard are being presented as ways to give people more control of their personal data when doing business online. The systems also promise to work with the multiple authentication systems on the Net, making it easier for people to manage Internet logins and passwords.

Microsoft has been talking about InfoCard for some time now, and Chairman Bill Gates demonstrated it for the first time at last month's RSA Conference. The technology is to be built into Windows Vista, the next version of Microsoft's flagship operating system, and will also be available for Windows XP.

But Higgins is in the very early stages, and analysts have been left scratching their heads about IBM and Novell's involvement in it and about why an announcement was made. There are no clear examples of where Higgins would be used, the timelines are sketchy and there are no actual products or workable code, analysts said.

"It is too amorphous--the picture is cloudy. It looks like it might develop into a very interesting picture, but what are the odds (of that happening)? We don't know," Forrester Research analyst Michael Gavin said.

Both IBM and Novell have products that could benefit from Higgins. These are products for managing identity and access, a market IDC predicts will grow to almost $4 billion by 2009. Typically, the software identifies users in a system and controls their access to resources within that system by associating user rights and restrictions with an identity.

Higgins should ultimately provide a framework that allows identity management products from various vendors to interoperate, representatives for IBM and Novell said.

Like Microsoft with InfoCard, Higgins can provide technology for use in developing software for PCs, said Anthony Nadalin, the chief security architect at IBM. On top of that, it should enable existing identity management products, such as IBM's Tivoli software, to work with InfoCard and other technologies, he said--a point that's perhaps more important to Big Blue.

Pseudomys higginsi
Pseudomys higginsi, the Tasmanian
mouse whose name inspired the
project, emerges from obscurity.

"Our involvement in Higgins was a direct result of customers contacting IBM. They had heard about the Microsoft InfoCard project...and wanted to know how IBM was going to interoperate with InfoCard," Nadalin said. "There are many different identity systems out there today...Higgins is the glue that allows us to tie these various systems together."

Novell is backing the project for the same reason, said Dale Olds, a distinguished engineer at the software maker, which sells products such as Novell Identity Manager.

"A lot of times, businesses have already chosen a particular identity source, a directory service or any number of backend systems that control the information for their employees or customers," he said. "We see it as being in our best interest, and in the consumer's best interest, to have a system that works with any identity system--and that's what Higgins seeks to provide."

Interoperability could be a boon for organizations that use identity management products. Also, consumers could benefit, because they may have to enter fewer details when making transactions online. IBM plans to support Higgins in its products next year.

CONTINUED: Sketching out Higgins…
Page 1 | 2

See more CNET content tagged:
Microsoft Windows CardSpace, identity management, Novell Inc., IBM Corp., identity

22 comments

Join the conversation!
Add your comment
Are you kidding me?
"There are no clear examples of where Higgins would be used, the timelines are sketchy and there are no actual products or workable code, analysts said.

'It is too amorphous--the picture is cloudy. It looks like it might develop into a very interesting picture, but what are the odds (of that happening)? We don't know,' Forrester Research analyst Michael Gavin said."

How come this was never said with Vista or any other Mircosoft announced product? They announce vaporware all the time.
Posted by ordaj (338 comments )
Reply Link Flag
Exactly
Vaporware plain and simple. Both competitors have shown little interest in this area...until Info card came along. Anyone remember the last vaporware announced by Microsoft?
Posted by robertcampbell2 (103 comments )
Link Flag
Are you kidding me?
"There are no clear examples of where Higgins would be used, the timelines are sketchy and there are no actual products or workable code, analysts said.

'It is too amorphous--the picture is cloudy. It looks like it might develop into a very interesting picture, but what are the odds (of that happening)? We don't know,' Forrester Research analyst Michael Gavin said."

How come this was never said with Vista or any other Mircosoft announced product? They announce vaporware all the time.
Posted by ordaj (338 comments )
Reply Link Flag
Exactly
Vaporware plain and simple. Both competitors have shown little interest in this area...until Info card came along. Anyone remember the last vaporware announced by Microsoft?
Posted by robertcampbell2 (103 comments )
Link Flag
Somewhat misleading article title...
... in that you'd expect it to cover the "why"
as in "why would anyone want/need an 'identity
management' system".

As for why IBM or Novell might mention it,
that's pretty obvious, isn't it -- to let people
know that MS isn't the only game in town.
Further, they have the distinct advantage in
that the majority of the system already exists
as discrete open source components. For them,
there's a little glue to write, but mostly it's
an issue of writing up a standard for deploying
it -- and packaging it.

Of course the Forrester guy thinks it's
ambiguous. By design it's not a product, but a
rather a protocol that can be implemented using
existing off-the-shelf open-source or
proprietary tools.

As far as why anyone would want identity
management software -- for consumers, they want
it because they know companies they do business
with want it and without being on board they'll
be left out in the cold, companies like IBM and
Novell want it because it sells software and
services, vendors want it because even if it
isn't more secure it might provide more
opportunities to recoup losses through
litigation, and criminals want it because though
it will be hard to commit fraud initially, once
intimately familiar with the system you'll be
able to play it like a fiddle for fun and
profit.
Posted by Zymurgist (397 comments )
Reply Link Flag
Somewhat misleading article title...
... in that you'd expect it to cover the "why"
as in "why would anyone want/need an 'identity
management' system".

As for why IBM or Novell might mention it,
that's pretty obvious, isn't it -- to let people
know that MS isn't the only game in town.
Further, they have the distinct advantage in
that the majority of the system already exists
as discrete open source components. For them,
there's a little glue to write, but mostly it's
an issue of writing up a standard for deploying
it -- and packaging it.

Of course the Forrester guy thinks it's
ambiguous. By design it's not a product, but a
rather a protocol that can be implemented using
existing off-the-shelf open-source or
proprietary tools.

As far as why anyone would want identity
management software -- for consumers, they want
it because they know companies they do business
with want it and without being on board they'll
be left out in the cold, companies like IBM and
Novell want it because it sells software and
services, vendors want it because even if it
isn't more secure it might provide more
opportunities to recoup losses through
litigation, and criminals want it because though
it will be hard to commit fraud initially, once
intimately familiar with the system you'll be
able to play it like a fiddle for fun and
profit.
Posted by Zymurgist (397 comments )
Reply Link Flag
To get the big picture
Take a look here for why Higgins is important for Novell and IBM

<a class="jive-link-external" href="http://www.digitalidworld.com/modules.php?op=modload&#38;name=News&#38;file=article&#38;sid=326&#38;mode=chrono&#38;order=0&#38;thold=0" target="_newWindow">http://www.digitalidworld.com/modules.php?op=modload&#38;name=News&#38;file=article&#38;sid=326&#38;mode=chrono&#38;order=0&#38;thold=0</a>

and also here

<a class="jive-link-external" href="http://www.mwdadvisors.com/blog/2006/03/higgins-infocard-and-conspiracy.html" target="_newWindow">http://www.mwdadvisors.com/blog/2006/03/higgins-infocard-and-conspiracy.html</a>

for the challenges it poses for Sun
Posted by nmacehiter (3 comments )
Reply Link Flag
To get the big picture
Take a look here for why Higgins is important for Novell and IBM

<a class="jive-link-external" href="http://www.digitalidworld.com/modules.php?op=modload&#38;name=News&#38;file=article&#38;sid=326&#38;mode=chrono&#38;order=0&#38;thold=0" target="_newWindow">http://www.digitalidworld.com/modules.php?op=modload&#38;name=News&#38;file=article&#38;sid=326&#38;mode=chrono&#38;order=0&#38;thold=0</a>

and also here

<a class="jive-link-external" href="http://www.mwdadvisors.com/blog/2006/03/higgins-infocard-and-conspiracy.html" target="_newWindow">http://www.mwdadvisors.com/blog/2006/03/higgins-infocard-and-conspiracy.html</a>

for the challenges it poses for Sun
Posted by nmacehiter (3 comments )
Reply Link Flag
Mac and Linux fanboys are hilarious
So as long as a Linux pusher like IBM and Novell is pushing ID management it's all a -great- idea. But MS anounces InfoCard last year and you guys started preaching "the end of the world is upon us!". You guys are hilarious.
Posted by locoHost (25 comments )
Reply Link Flag
You mean it's a great idea... if it's open
THAT's the difference you're not understanding... yes we think it's a great idea if IBM and Novel are pushing it...because with them it's OPEN. With Microsoft it's not.

Open is better for everyone and more secure then a locked system where you don't know what the hell is going on behind the scenes.
Posted by Leppard (41 comments )
Link Flag
Mac and Linux fanboys are hilarious
So as long as a Linux pusher like IBM and Novell is pushing ID management it's all a -great- idea. But MS anounces InfoCard last year and you guys started preaching "the end of the world is upon us!". You guys are hilarious.
Posted by locoHost (25 comments )
Reply Link Flag
You mean it's a great idea... if it's open
THAT's the difference you're not understanding... yes we think it's a great idea if IBM and Novel are pushing it...because with them it's OPEN. With Microsoft it's not.

Open is better for everyone and more secure then a locked system where you don't know what the hell is going on behind the scenes.
Posted by Leppard (41 comments )
Link Flag
Plenty of time
Obviously, the announcement was intended to counter some of the media coverage by the recent Vista press releases from Microsoft. If the author of this article can't figure that out, he is *way* too dense to be covering IT issues.

Regarding the maturity of "Higgins" (or lack of same), I see no reason for the IBM/Novell consortium to be in any particular hurry. What was the last security/privacy initiative from MS that they didn't royally screw up? Remember "MS Wallet"?
Posted by samiamtoo (31 comments )
Reply Link Flag
Virtual Product Announcements Are Vaporware
It seems the duopoly of IBM and its guys and MSN and its guys are in a war of words or vaporware propaganda that basically is about the emporers in this case, both, being without clothes. No patented technology, no timeline, just good press by dubious means which is having good writers write about other writers specualations.

Simply put, the solution to the marketplace isn't coming from MSN due to trust restrictions and not from IBM and crew because they are like mice who are too fat to get away from the cat down the hole.

The marketplace is ready and it will take a lot to stop what is coming, a real solution by a real credible player that serves the wholesale market but put its product universally in the hands of the consumer who doesn't trust anyone else anyway.

Big brother failed, banks fail, Visa failed, Amex failed, MasterCard and all the security companies failed however the FFIEC says solve it so it will be solved because that is a virtual franchise waiting for a real patented solution that works.

That's what I think. Ciao now.
Posted by Iohagh (54 comments )
Link Flag
Virtual Product Announcements Are Vaporware
It seems the duopoly of IBM and its guys and MSN and its guys are in a war of words or vaporware propaganda that basically is about the emporers in this case, both, being without clothes. No patented technology, no timeline, just good press by dubious means which is having good writers write about other writers specualations.

Simply put, the solution to the marketplace isn't coming from MSN due to trust restrictions and not from IBM and crew because they are like mice who are too fat to get away from the cat down the hole.

The marketplace is ready and it will take a lot to stop what is coming, a real solution by a real credible player that serves the wholesale market but put its product universally in the hands of the consumer who doesn't trust anyone else anyway.

Big brother failed, banks fail, Visa failed, Amex failed, MasterCard and all the security companies failed however the FFIEC says solve it so it will be solved because that is a virtual franchise waiting for a real patented solution that works.

That's what I think. Ciao now.
Posted by Iohagh (54 comments )
Link Flag
Plenty of time
Obviously, the announcement was intended to counter some of the media coverage by the recent Vista press releases from Microsoft. If the author of this article can't figure that out, he is *way* too dense to be covering IT issues.

Regarding the maturity of "Higgins" (or lack of same), I see no reason for the IBM/Novell consortium to be in any particular hurry. What was the last security/privacy initiative from MS that they didn't royally screw up? Remember "MS Wallet"?
Posted by samiamtoo (31 comments )
Reply Link Flag
Virtual Product Announcements Are Vaporware
It seems the duopoly of IBM and its guys and MSN and its guys are in a war of words or vaporware propaganda that basically is about the emporers in this case, both, being without clothes. No patented technology, no timeline, just good press by dubious means which is having good writers write about other writers specualations.

Simply put, the solution to the marketplace isn't coming from MSN due to trust restrictions and not from IBM and crew because they are like mice who are too fat to get away from the cat down the hole.

The marketplace is ready and it will take a lot to stop what is coming, a real solution by a real credible player that serves the wholesale market but put its product universally in the hands of the consumer who doesn't trust anyone else anyway.

Big brother failed, banks fail, Visa failed, Amex failed, MasterCard and all the security companies failed however the FFIEC says solve it so it will be solved because that is a virtual franchise waiting for a real patented solution that works.

That's what I think. Ciao now.
Posted by Iohagh (54 comments )
Link Flag
Virtual Product Announcements Are Vaporware
It seems the duopoly of IBM and its guys and MSN and its guys are in a war of words or vaporware propaganda that basically is about the emporers in this case, both, being without clothes. No patented technology, no timeline, just good press by dubious means which is having good writers write about other writers specualations.

Simply put, the solution to the marketplace isn't coming from MSN due to trust restrictions and not from IBM and crew because they are like mice who are too fat to get away from the cat down the hole.

The marketplace is ready and it will take a lot to stop what is coming, a real solution by a real credible player that serves the wholesale market but put its product universally in the hands of the consumer who doesn't trust anyone else anyway.

Big brother failed, banks fail, Visa failed, Amex failed, MasterCard and all the security companies failed however the FFIEC says solve it so it will be solved because that is a virtual franchise waiting for a real patented solution that works.

That's what I think. Ciao now.
Posted by Iohagh (54 comments )
Link Flag
 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.