The Liberty Alliance project aims to simplify the process of signing on to multiple Web sites, eventually allowing a user to use credit card details entered at one site to make purchases at others. Liberty has been developed in large part as a response to the Microsoft-specific Passport system, but as it gets closer to reality, that rivalry is becoming less significant.
On Monday 15 July, Sun Microsystems, United Airlines and dozens of other members of the Liberty Alliance Project released version 1.0 of the Liberty specification. Not in itself a product or a service, Liberty is a specification which services will use to communicate authentication information. the Liberty specification is based on another newly released standard, the Security Assertion Markup Language.
Liberty members usually talk about "simplified sign-on" rather than "single sign-on", but the basic principle is to allow users to move around the Net without having to authenticate themselves at different Web-sites. This idea, common to both Passport and Liberty, meets with a mixed reaction. In the age-old trade-off between usability and security, many people see such systems as going too far in the direction of usability. Making it too easy to log in to commerce sites, means that users will often be more intimately connected with a site than they realise. Sharing information increases the risks of it being misused, and such schemes will make it likely that users will share information in ways they do not realise.
In fact, the first version of Liberty is quite limited in scope. It will share authentication only, so that logging into one web site will automatically log a user into other federated web sites -- each one approved by the user. This will save the user time in logging into different sites in one session, and will save the effort of remembering multiple passwords, but will not streamline e-commerce.
A more feature-rich second phase of Liberty is expected early in 2003, said Michael Barrett, vice president of Internet strategy for American Express and a member of the Liberty Alliance. This version will include a standard way to exchange other information as well, such as credit card numbers or addresses, said Jonathan Schwartz, Sun's newly appointed executive vice president of software. This will allow users to buy products and services at multiple sites, having given their details at only one.
Liberty includes "opt-in" features that let computer users specify which accounts they want to link with a Liberty-supporting service. When the user visits a new Liberty-supporting site, a dialogue box prompts him or her to allow it to share authentication information with previously registered sites. With version 2, the user will also be able to specify what other information such as phone numbers they're willing to let their accounts share. Version 2 also will let users grant companies one-time permission to exchange information.
Allies on Monday billed Liberty chiefly as a boon to consumers and a way to reduce the headaches imposed by having to remember multiple login names and passwords. Navigating different Web sites requires frequent stops to sign on, the equivalent of running into a toll booth every mile on the highway, according to Rob Robless, United Airlines chief technology officer.
