Novell has launched an ambitious open-source identity management project, which aims to allow companies to integrate different identity systems and provide a consistent approach to securing and managing identity.
Called Bandit, the company quietly initiated the project earlier this year, and has been donating engineering resources and code to get things started.
Novell has a track record in identity management products and some credibility in the open source world, due to its acquisition of Suse Linux, and is hoping that a freely available integration layer will mean more sales for the whole identity management market.
"Novell's initial sponsorship of the Bandit project is a natural extension of our leadership in both identity and open source, and we are gratified to see the groundswell of community support," said Jeff Jaffe, executive vice president and chief technology officer for Novell, in a statement.
The company has lined up support for Bandit from a number of key industry players, including ActivIdentity, Eclipse, IBM, Liberty Alliance, Microsoft, Novacoast, Red Hat, Sun, Sxip Identity, Symantec and Trusted Network Technologies.
"The Identity Metasystem provides a model for identity interoperability across the industry. We're happy to see Novell playing an active role in helping realise the Identity Metasystem and look forward to working with them to ensure interoperability between our respective products," said Kim Cameron, architect of Identity and Access for Microsoft, in a statement.
The Bandit services will work with existing industry standards such as the WS-* standards, Liberty Federation and Eclipse Higgins. Indeed Bandit has some overlap with the open-source Higgins effort, Novell has acknowledged, and Bandit's developers are planning a Higgins context provider based on Bandit's Common Identity service. The context provider is the way the Higgins framework accesses different identity repositories.
Ultimately, Bandit aims to provide an easier approach to problems such as secure, role-based access and regulatory compliance reporting, Novell said. The project's four main components are the Common Authentication Servics Adapter (CASA), the Common Identity service, the Role Engine service and the Audit Record Framework service.
Industry analysts have said the initiative appears promising, given Novell's background and the apparent willingness of other heavyweights to participate.
"This is not the first open source identity management initiative, but the involvement of identity management heavyweight Novell is significant," said Neil Macehiter, partner at analyst firm Macehiter Ward-Dutton, in a research note. "The fact that the project is focusing on higher-level identity management issues gives it added significance."