Oracle Corp. last week debuted new software that can be used to help grant -- or deny -- users access to information on PCs, and industry insiders told UPI's The Web the company's moves could provide momentum for a promising IT security concept.
The software tools are part of an emerging model called "federated identity," for which programmers are writing policies that discern the type of data each user can view and enforce that access with passwords or other identification requirements, such as biometrics.
The new software tools, called Security Developer Tools, are based on specifications written by the OASIS SAML and the Liberty Alliance Project. They enable companies to grant select customers and partners access to certain files -- and keep them out of files they don't want them to view -- via the Internet.
Rival Sun Microsystems also has developed a system-access-management technology. IBM, Microsoft and BEA Systems have been incorporating federated-identity concepts into their software as well.
Moreover, through the Liberty Alliance Project, about 150 other companies are working on SAML 2.0-based interoperability for federated-identity solutions and Web-based identity services, including the Electronics & Telecommunications Research Institute, Ericsson, Novell, Oracle, Reactivity, Sun Microsystems, Symlabs and Trustgenix.
"It's all about the reality of products that work together in actual deployments," said Earl Perkins, vice president of Gartner Inc., a research consultancy.
Other developers are building new viewer-access tools as well, though less broad in scope than the projects initiated by Oracle and industry consortia. For example, developers have created applications, such as "for my eyes only printing," which enable users to print confidential documents.
"If a user prints a confidential document, the printer will cue the print request, but will not actually print the job until the user is standing at the printer and authenticates the request," said Jeremy Kartcher, a spokesman for Silex Technology America Inc., a software and hardware developer in Salt Lake City.
Oracle said in a statement that companies, particularly in the financial-services sector, could use federated-identity solutions to create a "competitive advantage" for themselves. For example, if a firm has secure access to a supplier ordering management applications, a sales representative can log on to a supplier's network, then inform the customer about the exact status of a pending order.
With distributed computing, companies can expect to communicate between an array of software programs. Because much of the communication happens over the Internet, there are possible security threats, from malicious hackers to viruses to probes by intelligence-seeking rivals.
The move into federated-identity tools is a significant part of Oracle's middleware strategy and includes products such as Oracle Application Server 10g, Oracle Identity Management, Oracle Collaboration Suite and Oracle Data Hubs.
The company's $5.8 billion acquisition last week of rival Siebel Systems is seen by close industry watchers as a way to expand on the applications side of its business, while the Redwood Shores, Calif., company develops middleware applications organically.
"With this latest acquisition, Oracle is now in a position to set its sights on SAP, which now finds itself with a minority market share of 6.7 percent in the CRM space," said Chris Boring, vice president of marketing at Aplus.Net, a Web-hosting developer and consultant in San Diego.
Boring cautioned, however, that by chasing SAP, Oracle leaves itself vulnerable on other fronts.
"While the two are locked in battle over this space, opportunities may open up for the open source and Web services players to garner market share," he said.
Copyright 2005 by United Press International
Explore further:
Juiced roads: Volvo explores electric power for trucks, buses
