Andre Durand

Discovering life, one mistake at a time.

Archive for December, 2002

Public Source License – v1.0 Released

December 31, 2002 By: Andre Category: Life

Larry Rosen and I finally completed the first version of our Public Source License (for use with software being released at, a hybrid open source/commercial license which attempts to gene-splice the best of two worlds, commercially supported software combined with access to source-code and open community contribution.

The way the license works, source code is made available for royalty free use, distribution and modification with only a few restrictions intended to allow the sponsoring company a method of directly monetizing its efforts.

Commercial entities who use the software over some pre-defined metric and companies who intend to commercially redistribute a derivative work must pay the sponsoring company according to a pricing schedule which corresponds to each version of the software. All other use is allowed royalty fee under the license.

While I’m sure this hybrid licesning model will be met with some resistance by true “open source” community developers, I believe it marks a milestone in the continued search to find sustainable open source/commercial hybrid models. 

If you or your company wishes to use this license, contact me at

Click Here to View The License

Public Source License – SourceID SSO v1.0

December 31, 2002 By: Andre Category: Musings

License Summary

The Public Source License (the “License”) applies to SourceID SSO software distributed by Ping Identity Corporation. It authorizes you to copy, distribute or modify the software, royalty free, for unlimited personal or non-commercial use, or for commercial use on fewer than 100 computers. The fees for commercial use on 100 or more computers are available at

This is a summary of license terms intended to describe, in plain English, the nature and scope of this License. However, this summary is not a part of this License. The legal effect of the License is dependent only upon the terms of the License, including its definitions, and not this summary.

Ping Identity Corporation provides you with both the executable version of the software and the associated source code. You may modify the source code and use, copy or distribute your modified versions. Please note that the term “Modifications” is defined specifically in the License below.

If you modify the software and distribute your modifications, you must distribute your modified source code and executable code under the terms of this License. This reciprocity provision ensures that recipients of your modifications can enjoy the same rights to your modifications as this License grants to you, and that they will accept the same obligations. If you plan to distribute your modifications under this License, you must also grant back to Ping Identity Corporation a license to your modifications so that we may, at our discretion, incorporate them into our future distributions. Further information about the SourceID SSC public source software development project can be found at A Proprietary Source Code Waiver, permitting you to distribute your modifications without disclosing your source code (subject to the payment of a one-time Proprietary License Fee), is attached as Exhibit A to the License below.

If you become aware of third party claims or other intellectual property rights that would restrict or limit use of the software, you must notify everyone to whom you give copies. You must also retain all copyright, trademark or patent notices already in the software. These provisions are intended to ensure that there is a clear record of ownership of all intellectual property rights necessary to copy, modify, distribute, make, use or sell the software or modified versions of the software.

The software is distributed on an AS IS basis, WITHOUT WARRANTY OF ANY KIND. You cannot hold Ping Identity Corporation liable for any damages that result from use of the software.

The License terminates automatically if you breach any of the terms of the License, or if you assert certain types of patent claims against Ping Identity Corporation or any contributor.

We encourage you to read the terms and conditions of the License carefully before you use, copy, modify or distribute this software. You must expressly assent to this License upon installation of the software or before you will be allowed to execute the software for the first time. For all other uses of the software not covered under this License you must obtain an amendment to the License.

Ping Identity Corporation welcomes your comments and suggestions about its software and its other products. We can be reached at 341 Albion Street, Denver CO 80220, or at

Public Source License

SourceID SSO v1.0

This Public Source License (the “License”) applies to certain software (“SourceID SSO software” or “Licensed Software”) distributed by Ping Identity Corporation, 341 Albion Street, Denver, Colorado 80220 (the “Licensor”). The Licensed Software is protected by copyright law. This License identifies the terms under which you may use, copy, distribute or modify the Licensed Software. For a license to use, copy, distribute or modify Ping Identity Corporation products under terms or conditions other than those described here, or for trademark licensing, please contact the Licensor at

License Terms

1. Grant of Copyright License from Licensor. In consideration for your acceptance of all of the terms and conditions of this License, Licensor (and, by application of Section 5 of this License, each Contributor of Modifications, as those terms are later defined) grants to you a world-wide, non-exclusive license, under copyrights now owned or controlled by Licensor or Contributor, to use, reproduce, modify, display, perform and distribute Licensed Software (including Modifications) or portions thereof, in both Source Code or as an executable program, as follows:

a. Without payment of royalty for unlimited Personal Use or Non-Commercial Distribution (as those terms are defined below);

b. Without payment of royalty for other than Personal Use and Non-Commercial Distribution as long as Licensed Software will run on fewer than 100 computers (as that term is defined below); and

c. Subject to the payment of one-time paid-up Royalty Fees for other than Personal Use and Non-Commercial Distribution on 100 or more computers. Licenses to run the Software on additional computers are subject to the Royalty Fees and payment terms as obtained at and in effect on the date such additional licenses are obtained from Licensor. Royalty Fees to run the Software on additional computers are due and payable to Licensor prior to first use on those computers.

2. Grant of Patent License from Licensor. In consideration for your acceptance of all of the terms and conditions of this License including, without limitation, the payment of applicable Royalty Fees as described in Section 1 above, Licensor (and, by application of Section 5 of this License, each Contributor of Modifications) grants to you a world-wide, non-exclusive license, under claims of patents now or hereafter owned or controlled by Licensor or Contributor, to make, use, sell, offer for sale, have made, and/or otherwise dispose of Licensed Software (including Modifications) or portions thereof for the uses permitted by this License, but solely to the extent that any such claim is necessary to enable you to make, use, sell, offer for sale, have made, and/or otherwise dispose of Licensed Software (including Modifications) that you received from Licensor or a Contributor.

3. Definitions.

a. As used in this License, the term “Personal Use” means the functional use of software by an individual solely for his or her personal, private and non-commercial purposes. An individual’s use of software in his or her capacity as an officer, employee, member, independent contractor or agent of a corporation, business or organization (commercial or non-commercial) does not qualify as Personal Use.

b. As used in this License, the term “Non-Commercial Distribution” means the distribution of software to any third party for which no payment is made in connection with such distribution, whether directly (including, without limitation, payment for a copy of the software) or indirectly (including, without limitation, payment for a service related to the software, or payment for a product or service that includes a copy of the software “without charge”).

c. As used in this License, the term “Source Code” means the preferred form for making Modifications to software, including all modules contained therein, plus any associated interface definition files, scripts used to control compilation and installation of an executable program, or a list of differential comparisons against the Source Code of the software.

d. As used in this License, the term “Modifications” means any additions to or deletions from the substance or structure of (i) a file containing Licensed Software, or (ii) any new file that contains any part of Licensed Software. The term Modifications includes, without limitation, Derivative Works, as that term is defined in U.S. Copyright Law, 17 U.S.C. §101. If you merely combine the Licensed Software with other software and do not modify any of the Source Code provided under this License, then you have not created Modifications that are subject to the provisions of Section 5.

e. As used in this License, the term “Contributor” means any person or entity that created or contributed to the creation of, and distributed, Modifications.

f. “You” throughout this License, whether in upper or lower case, means an individual or a legal entity exercising rights under, and complying with all of the terms of, this License or a future version of this License issued under Section 8. For legal entities, “you” includes any entity that controls, is controlled by, or is under common control with you. For purposes of this definition, “control” means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity.

g. As used in section 1 of this License, the term “computer” refers to a single processor running a single instance of Licensed Software. Each additional processor or instance of Licensed Software counts as an additional computer.

4. Exclusions from License Grant. Nothing in this License shall be deemed to grant any rights to trademarks, copyrights, patents, trade secrets or any other intellectual property of Licensor or any Contributor except as expressly stated herein. No patent license is granted separate from the Licensed Software, for code that you delete from the Licensed Software and use separately, or for combinations of the Licensed Software with other software or hardware. Nothing in this License shall be interpreted to prohibit Licensor from licensing under different terms from this License any software that Licensor otherwise would have a right to license.

5. Your Obligations Regarding Distribution.

a. Application of This License to Your Modifications. As an express condition for your use and distribution of the Licensed Software, you hereby agree that any Modifications that you create or to which you contribute, and which you distribute, are governed by the terms of this License including, without limitation, Sections 1 and 2. You must include a copy of this License with every copy of the Licensed Software or Modifications that you distribute, and you must obtain the express assent of your sublicensees to this License before you allow them to install the Licensed Software or use it for the first time.

b. Responsibility for Payment of Royalties. You and your sublicensees shall be jointly and severally liable for all royalties due by your sublicensees under this License, which must be paid to Licensor prior to distribution of Licensed Software or Modifications. You may charge additional fees to your sublicensees for your Modifications or for services relating thereto.

c. Availability of Source Code. You must make available, under the terms of this License, the Source Code of the Licensed Software and any Modifications that you distribute, either on the same media as you distribute any executable or other form of the Licensed Software, or via a mechanism generally accepted in the software development community for the electronic transfer of data (an “Electronic Distribution Mechanism”). The Source Code for any version of Licensed Software or Modifications that you distribute must remain available for at least twelve (12) months after the date it initially became available, or at least six (6) months after a subsequent version of said Licensed Software or Modifications has been made available. You are responsible for ensuring that the Source Code version remains available even if the Electronic Distribution Mechanism is maintained by a third party. You must also contribute the Source Code for any version of Licensed Software or Modifications that you distribute to the SourceID SSO project by following the contributor instructions at

d. Description of Modifications. You must cause any Modifications that you create or to which you contribute, and which you distribute, to contain a file documenting the additions, changes or deletions you made to the Source Code of the Licensed Software, and the dates of any such additions, changes or deletions. You must include a prominent statement in the Source Code that the Modifications are derived, directly or indirectly, from the Licensed Software. You may not modify or delete any preexisting copyright, patent, trademark or other attribution notices in the Licensed Software.

e. Grant-Back of License to Modifications. As an express condition for the license to create and distribute Modifications granted to you in Section 1 herein, you hereby grant to Ping Identity Corporation, its successors and assignees, a world-wide, royalty-free, non-exclusive license, subject to third party intellectual property claims, to do the following:

i. Under copyrights owned or controlled by you, to use, reproduce, modify, display, perform, sublicense and distribute your Modifications or portions thereof, in both Source Code or as an executable program; and

ii. Under claims of patents now or hereafter owned or controlled by you, to make, use, sell, offer for sale, have made, and/or otherwise dispose of your Modifications or portions thereof, but solely to the extent that any such claim is necessary to enable Ping Identity Corporation, its successors and assignees, to make, use, sell, offer for sale, have made, and/or otherwise dispose of your Modifications alone or in combination with Licensed Software.

f. Intellectual Property Matters.

i. Third Party Claims. If you have knowledge that a license to a third party’s intellectual property right may be required to exercise the rights granted by this License, you must include a text file with your Source Code distribution titled “LEGAL” that describes the intellectual property right and the owner of the intellectual property right in sufficient detail that a recipient will know whom to contact. If you obtain such knowledge after you make any Modifications available as described in Section 5(a), you shall promptly modify the LEGAL file in all copies you make available thereafter and shall take other steps (such as notifying appropriate mailing lists or newsgroups) reasonably calculated to inform those who received the Licensed Software from you that new knowledge has been obtained.

ii. Contributor APIs. If your Modifications include an application programming interface (“API”) and you have knowledge of patent licenses that are reasonably necessary to implement that API, you must also include this information in the LEGAL file.

iii. Representations. You represent that, except as disclosed pursuant to 5(f)(i) above, you believe that any Modifications you distribute are your original creations and that you have sufficient rights to grant the rights conveyed by this License.

6. Inability to Comply Due to Statute or Regulation. If it is impossible for you to comply with any of the terms of this License with respect to some or all of the Licensed Software due to statute, judicial order, or regulation, then you must (i) comply with the terms of this License to the maximum extent possible, (ii) cite the statute or regulation that prohibits you from adhering to the License, and (iii) describe the limitations and the code they affect. Such description must be included in the LEGAL file described in Section 5(f)(1), and must be included with all distributions of the Source Code. Except to the extent prohibited by statute or regulation, such description must be sufficiently detailed for a recipient of ordinary skill at computer programming to be able to understand it.

7. Versions of This License.

a. New Versions. Licensor may publish from time to time revised and/or new versions of the License.

b. Effect of New Versions. Once Licensed Software has been distributed under a particular version of the License, you may always continue to use it under the terms of that version. You may also choose to use Licensed Software under the terms of any subsequent version of the License published by Licensor. No one other than Licensor has the right to modify the terms applicable to Licensed Software created under this License.

c. Derivative Works of this License. If you create or use a modified version of this License, which you may do only in order to apply it to software that is not already Licensed Software under this License, you must rename your license so that it is not confusingly similar to this License, and must make it clear that your license contains terms that differ from this License. In so naming your license, you may not use any trademark of Licensor or any Contributor.

8. Disclaimer of Warranty. Licensed Software is provided under this License on an “AS IS” BASIS, WITHOUT WARRANTY OF ANY KIND, either express or implied, including, without limitation, warranties that the Licensed Software is free of defects, merchantable, fit for a particular purpose or non-infringing. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE LICENSED SOFTWARE IS WITH YOU. Should Licensed Software prove defective in any respect, YOU (and not the Licensor or any Contributor) assume the cost of any necessary servicing, repair or correction. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF LICENSED PRODUCT IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS DISCLAIMER.

9. Termination.

a. Automatic Termination upon Breach. This license and the rights granted hereunder will terminate automatically if you fail to comply with the terms of this License and fail to cure such breach within thirty (30) days of becoming aware of the breach. Provisions that, by their nature, must remain in effect beyond the termination of this License, shall survive.

b. Termination upon Assertion of Patent Infringement. If you initiate litigation by asserting a patent infringement claim (excluding declaratory judgment actions) against Licensor or a Contributor (Licensor or Contributor against whom you file such an action is referred to herein as “Respondent”) alleging that Licensed Software, alone or including Modifications, directly or indirectly infringes any patent, then any and all rights granted by such Respondent to you under Sections 1 or 2 of this License shall terminate prospectively upon sixty (60) days notice from Respondent (the “Notice Period”) unless within that Notice Period you either agree in writing (i) to pay Respondent a mutually agreeable reasonably royalty for your past or future use of Licensed Software made by such Respondent, or (ii) withdraw your litigation claim with respect to Licensed Software against such Respondent. If within said Notice Period a reasonable royalty and payment arrangement are not mutually agreed upon in writing by the parties or the litigation claim is not withdrawn, the rights granted by Licensor to you under Sections 1 and 2 automatically terminate at the expiration of said Notice Period.

c. Reasonable Value of This License. If you assert a patent infringement claim against Respondent alleging that Licensed Software, alone or including Modifications, directly or indirectly infringes any patent where such claim is resolved (such as by license or settlement) prior to the initiation of patent infringement litigation, then the reasonable value of the licenses granted by said Respondent under Sections 1 and 2 shall be taken into account in determining the amount or value of any payment or license.

d. No Retroactive Effect of Termination. In the event of termination under Sections 9(a) or 9(b) above, all sublicenses (excluding licenses to distributors and resellers) that have been validly granted by you or any of your distributors or resellers prior to termination shall survive termination.

10. Limitation of Liability. Under no circumstances and under no legal theory, whether in tort (including negligence), contract, or otherwise, shall the Licensor, any Contributor, or any distributor of Licensed Software alone or including Modifications, or any supplier of any such parties, be liable to any person for any indirect, incidental, or consequential damages of any character including, without limitation, damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses, even if such party shall have been informed of the possibility of such damages. This limitation of liability shall not apply to liability for death or personal injury resulting from such party’s negligence to the extent applicable law prohibits such limitation. Some jurisdictions do not allow the exclusion or limitation of incidental or consequential damages, so this exclusion and limitation may not apply to you.

11. Responsibility for Claims. As between Licensor and Contributors, each party is responsible for claims and damages arising, directly or indirectly, out of its utilization of rights under this License. You agree to work with Licensor and Contributors to distribute such responsibility on an equitable basis. Nothing herein is intended or shall be deemed to constitute any admission of liability.

12. U.S. Government End Users. The Licensed Software is a “commercial item,” as that term is defined in 48 C.F.R. 2.101 (Oct. 1995), consisting of “commercial computer software” and “commercial computer software documentation,” as such terms are used in 48 C.F.R. 12.212 (Sept. 1995). Consistent with 48 C.F.R. 12.212 and 48 C.F.R. 227.7202-1 through 227.7202-4 (June 1995), all U.S. Government End Users acquire Licensed Software with only those rights set forth herein.

13. Miscellaneous. This License (excluding any accompanying license summary) represents the complete agreement concerning the subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. This License shall be governed by Colorado law provisions (except to the extent applicable law, if any, provides otherwise), excluding its conflict-of-law provisions. You expressly agree that any litigation relating to this license shall be subject to the jurisdiction of the federal courts or state courts in the State of Colorado (as appropriate), with venue lying in Denver, Colorado, with the losing party responsible for costs including, without limitation, court costs and reasonable attorneys’ fees and expenses. The application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded. You and Licensor expressly waive any rights to a jury trial in any litigation concerning Licensed Software or this License. Any law or regulation that provides that the language of a contract shall be construed against the drafter shall not apply to this License.

Exhibit A

Proprietary Source Code Waiver

This Proprietary Source Code Waiver (the “Waiver”) to the Ping Public Source License (the “License”) for SourceID SSO software (the “Licensed Software”) is made in consideration for the payment to Ping Identity Corporation (the “Licensor”) of a one-time Proprietary License Fee by the Licensee identified below. (Contact for further information on the amount of the Proprietary License Fee.)

1. Licensor hereby waives enforcement of the provision of the License at Section 5(a) that requires that any Modifications of the Licensed Software that Licensee creates or to which it contributes, and that it distributes, be governed by the terms of the License.

2. Licensor hereby waives enforcement of the provision of the License at Section 5(c) that requires Licensee to distribute the Source Code of its Modifications of the Licensed Software.

3. Licensor hereby waives enforcement of the provision of the License at Section 5(d) that requires Licensee to document the additions, changes or deletions it made to the Source Code of the Licensed Software.

4. Licensor hereby waives enforcement of the provision of the License at Section 5(e) that requires Licensee to grant-back a license to its Modifications of the Licensed Software to Ping Identity Corporation.

All other License terms, including the requirement to pay Royalty Fees as described in the License, remain in full force and effect.

This Waiver shall become effective upon the payment to Ping Identity Corporation of the Proprietary License Fee and the execution of this Waiver by duly authorized representatives of the two parties identified below.

Ping Identity Corporation:

Licensee: ___________________________________

Signed: ____________________ ____

Signed: _____________________________________

Name: ________________________

Name: _____________________________________

Title: _________________________

Title: _______________________________________

Date: _________________________

Date: ______________________________________

This license is (c) Copyright 2002, Ping Identity Corporation

Federated Identity Management – Whitepaper

December 09, 2002 By: Andre Category: Ping Identity

By Eric Norlin and Andre Durand

Enterprises are faced with an increasingly complex set of challenges as they balance the need for security and the growing requirements for seamless access to information from an ever more diverse set of users. While existing identity management solutions can help reduce the inefficiencies associated with managing internal users, roles, permissions and access to information, there are a growing number of applications that require the inter-company (federated) exchange of identity-based information (e.g. single sign-on, web services etc.).  As a consequence of globalization and increased pervasiveness of outsourcing, the emergence of federated identity will require enterprises to re-examine the approaches they use to deal with inter-company information exchange, especially as it pertains to digital identity. Establishing quality control and managing liability within the context of required interdependence mandates companies explore new ways of establishing and managing trust. Accordingly, this document explores strategies for managing the complexity associated with wide-scale identity federation, including strategies for pooling resources and the creation of standardized business frameworks for assuring quality, maintaining security, managing liability, reducing risk and resolving disputes.

Towards Federated Identity Management

December 09, 2002 By: Andre Category: Musings

Eric and I wrote this whitepaper back in 2002. It’s always interesting to see if your writings stand the test of time. I believe two years later this document still captures the problems and challenges associated with scaling identity federation interactions. Most of the concerns addressed in this whitepaper have now been addressed through products and services offered by Ping Identity Corporation or through the PingID Network. If you like this whitepaper, I strongly suggest you also read the following: How the nature of identity will shape it’s deployment & Topology of Federation.

by Eric Norlin and Andre Durand – (C) Copyright 2002-2004, Ping Identity Corporation

The IT Dilemma
The 1990’s witnessed enterprise adoption of an increasing number of information systems, each designed to streamline business processes through electronic automation. With the introduction of new systems for managing customers, supply chains, content  and corporate knowledge, enterprises have been challenged with how to cost-effectively integrate and maintain an increasing number of information systems across a growing number of networks and platforms.  Simultaneously, enterprises have also been challenged by the need to provide increased access to a larger and more dynamic group of end-users.

The challenge of managing these systems has resulted in a complex IT dilemma – namely, how to control costs and maintain security while increasing access to information.

The IT Dilemma: How to balance growing access to information with the need to maintain security.

As a consequence of globalization and to add to the growing list of corporate pressures, IT departments are now being forced to increase access to information for both employees (e.g. intranets) and partners and customers (e.g. extranets, supply chain management etc.).  These and other pressures are driving corporations to re-evaluate their security and information architectures to accommodate the increasingly dynamic and transparent ways in which a growing number of parties wish to interact.

The Advent of Digital Identity
New distributed computing models such as those proposed by web services create a fresh set of challenges which in turn have given rise to a requirement to establish stronger and more granular methods of electronic identification.

To meet these new challenges, emerging technologies such as ‘Digital Identity’ are now being recognized as a key ingredient in the re-architecting of systems to accommodate the secure adoption of more distributed and transparent computing models. 

The broad adoption of XML Web services as a computing model means that solutions no longer reside just within the four walls of an organization—while this brings new capabilities, it also forces one to consider how to manage trust and identity, not just across internal applications that are tightly controlled by corporate IT, but also to manage identity information across applications and services that span organizations, platforms, security approaches, and programming models.
 Microsoft Website regarding Federated Security and Identity Roadmap

As corporate IT systems become more distributed and interdependent with partners and affiliates, new Digital Identity-based information architectures are helping to readily “identify” each component, thereby allowing IT departments to maintain security while allowing increased access to sensitive information. By answering the questions: a) Who are you? B) What are you allowed to do? and c) Where are you allowed to go? in a cost efficient way, IT departments are able to respond to the pressures of globalization by safely allowing their boundaries to become more transparent and permeable.

To help manage this transparent access to information, companies are integrating identity management solutions which help automate the procedures for user and role provisioning, password management and access control to information. To date however, the bulk of these solutions have focused on the internal use and management of identity, and not the inter-company and interdependent management of identity information between companies — what is know referred to as ‘Federated Identity Management’.

While current identity management solutions provide distinct cost-saving benefits, they do not specifically address the issues which surround the emergence of identity federation, namely, how to safely and without incurring liability, exchange identity information between companies. 


From Enterprise to Federated Identity Management
The true nature of the identity challenge is just now beginning to unfold, and stems not from how corporations manage identities within their control, but how they manage identities that are at least partially beyond their control. 


Federated Identity Management (FIM), or the management of identities between corporate boundaries, has recently emerged in response to the desires to simplify the way in which individuals (consumers) are able to move between companies.  Applications such as shared sign-on (SSO) and the emergence of web services architectures are driving the need for companies to understand and manage inter-company dependencies. Unlike EIM, where technology serves to resolve a good portion of the corporate IT dilemma, FIM raises issues which are far more complex and extensive, and require new approaches. To truly appreciate the FIM challenge, one must recognize that some identity information fundamentally exists beyond the corporate firewall, and is therefore at least partially beyond any one corporation’s individual control.

The adoption of new distributed computing models (e.g. federated identity and web services) are requiring enterprises to recast their view of themselves as a component of a larger interdependent construct.  With the emergence of inter-company computing, the hard boundaries of today’s corporate firewalls are dissolving, or at least becoming semi-transparent — allowing for more transparent movement of the individual between control boundaries.


Identity Federation
Federated Identity is just one of several new distributed computing constructs that recognizes the fact that individuals move between corporate boundaries at an increasingly frequent rate. Driving the requirement to understand the implications of identity federation is the rise in popularity of Shared Sign-On (SSO), an application which reduces redundant logons by allowing applications, systems and companies to share a user (identity) authentication.  As a consequence of inter-company SSO, and the interdependency which is assumed in such interactions, companies are now forced to deal with new issues such as liability, risk and the costs associated with establishing trust and security in a quality conscious manner.  As one would expect, these new challenges give rise to new costs, including: (i) the cost of negotiating and establishing formal agreements with electronic trading partners, (specifying the rules which will govern the exchange of identity information—including provisions for legal liability, dispute resolution and ensuring compliance with privacy requirements), (ii) the cost of implementing new technologies and (iii) the cost of maintaining security.

“Over the next few years we have to deal with some very messy problems – namely, what it takes to deploy federated technology along with what it takes to bash out contracts between partners…”
Michael Barrett, Vice President of Internet Strategy at American Express & President of Liberty Alliance

Challenges of Wide-Scale Identity Federation
While it’s entirely possible to control the costs and complexity of identity federation on a limited scale, within small circles of trust, wide-scale federation introduces new costs, complexity and challenges which exist on an entirely new scale.

The real challenge of wide-scale FIM only becomes evident when attempting to scale beyond a few partnerships, as when engaging several dozen, hundreds or even thousands of companies, many of which may not be known or ‘trusted.’

The reality is, trust will only take you so far in terms of managing quality and maintaining security in a new world of inter-company computing dependencies. It’s inevitable that if we are to realize the full potential of the Internet as a medium for automated electronic interaction, we holistically approach the challenges which allow us to engage one another on the largest of scales — everyone talking to everyone.

To efficiently enable wide-scale identity federation, without incurring incremental costs which are proportional to the number of relationships which are established, both technology and business standards must be established and new frameworks for creating these relationships explored.


 Figure: Four major areas which must be addressed to enable wide-scale identity federation.

Furthermore, the business issues of mutual confidence, liability, risk and compliance must be consistently and cost effectively addressed if inter-company interaction surrounding identity is to become a reality.


In analyzing the complete spectrum of technical and business issues surrounding wide-scale federation, the following challenges must be addressed:

Interoperability Standards
Technical interoperability is the cornerstone of efficient wide-scale federation.  Less interoperability, the full potential of identity federation will never be achieved. Addressing interoperability requires cross industry cooperation to ensure that the resulting solutions address the wide range of systems with which it must integrate. The Liberty Alliance Project is one such consortium which understands the need for open standards surrounding interoperable identity.

The mission of the Liberty Alliance Project is to establish an open standard for federated network identity through open technical specifications.
Liberty Alliance Project Website

Managing the Needs of All Constituents
Unlike the management of identity within an enterprise, where user data is deemed proprietary and an asset of the corporation, federated identity requires the privacy requirements of the principle be satisfied and that the exchange of data does not violate government legislation such as the Health Insurance Portability and Accountability Act (HIPPA) or Gramm Leach Bliley Act (GLB). 

Figure: Successful identity federation requires that the needs of three different constituents be met: 1) individual, 2) government and 3) business.


The challenge of federated identity lies in managing – and indeed aligning – the needs of all three constituents. Without a structure for doing so, constituents might soon find themselves at odds with government legislation, privacy concerns of consumers or the needs of business to better serve their customers.

Ever Expanding ‘Circles of Trust’ – Peering to the Nth Degree
As companies engage ever larger concentric circles of trust, moving from known and trusted trading partners to first time interactions with a growing number of entities, a requirement to establish legal agreements becomes ever more evident. Practically speaking, while it’s possible to establish agreements with a few dozen entities through bilateral negotiation, it’s entirely cost prohibitive and impractical to do so with hundreds or potentially thousands of companies.

To overcome this challenge, new models of peering must be explored — models which do not introduce proportional costs, or an inconsistent handling of relationships.

Dispute Resolution
Just as the necessary business agreements must be established for the federation of identity, so too the necessary measures of resolving disputes. Imagine a customer of an online brokerage firm who uses a shared identity to access their account to perform a critical trade but is unable to do to so as a result of a problem stemming from the shared authentication. Who’s at fault? Who’s financially liable? What’s the individual’s recourse? And most importantly, what are the efficient and timely procedures for revolving the incident? Without a defined resolution process to the issues which will arise as a result of inter-company dependencies such as this, the legal ramifications alone would prohibit voluntary interaction.

In today’s electronic environment, liability is both compartmentalized and binary, each party specifically limiting or explicitly refusing to incur any liability which results from assertions or representations to third parties. With a movement towards web services and identity federation, inter-company dependencies become fundamentally more substantial and the potential ramifications which may result from assertions which are inaccurate more damaging.

Initially at least, it is unlikely that any additional liability will be tolerated as companies begin to engage one another in federated identity interactions. While this may be satisfactory (because the risk is known) when dealing with known and trusted trading partners, it becomes less tolerable when engaging or relying upon an unknown company’s assertions. Long term at least, the future of web services and identity federation depends on the industry at large defining acceptable methods of addressing quality in identity assertions, thereby reducing the risk of financial liability. Furthermore, accountability must be established as companies engage one another in asserting identity or other forms of information within the larger context of federation.

Quality Assurance
Overall, addressing the issue of quality is a major challenge in the context of wide-scale federation. Without an ability to assure or affect quality in the assertions which are made between companies, the cost of misplaced trust outweighs the rewards of relying upon others.

A foundation for enabling quality begins with an ability to define minimum standards and requirements, and an assertion by each party which is either self-certified or independently certified that they can and will adhere to these minimum requirements.

Furthermore, legally binding recourse must be defined in a context which motivates (if not rewards) each party for continual improvement in the quality of the assertions which they represent to other relying parties. 

One of the risks of identity federation is that security becomes interdependent, a notion which is viewed negatively or in some cases unacceptable by IT. Furthermore, as an identity-owner, the possibility that linked accounts (within an identity federation) can result in additional damage to a digital reputation if compromised by identity fraud is potentially terrifying.

How therefore companies can minimize the inevitability of security breaches and the resulting damage or financial exposure is of major concern. Defining the procedures for revoking credentials, suspending an identity or lowering the confidence in a particular interaction below some threshold must become an integral component of any quality assured identity network.

Risk Management
Every interaction which involves a third party inherently introduces new risks. While every company’s tolerance for risk is different, each company must evaluate for themselves how much they are willing to invest to reduce risk.

Within the context of wide-scale identity federation, the risks of misplaced trust can easily outweigh the potential return of having the freedom to interact with everyone. That said, the risk of isolationism can result in a loss of marketshare to those companies who better serve the same customer.

In today’s non-federated environment, risk is both assessed and addressed on a company by company basis, a format which is appropriate, but also expensive and inappropriate or perhaps even cost prohibitive if new variables are introduced through federation. While federation introduces new risks, it also introduces new possibilities, and requires new approaches towards addressing those problems. With proper coordination, both group and individual risk can be minimized through a pooling of efforts. One of the ways to address this collectively is to define for the federation the same minimum quality standards, standardized procedures, certification and credentialing programs which are used individually, and to track the adherence to these standards and the success or failures of each interaction.

Privacy Compliance
As identity authentications and attributes are shared within an identity federation, businesses are compelled through privacy legislation to be cognoscente of the individuals privacy rights and preferences.  Identity federation simply does not work if an individual is subjected to differing privacy policies but is not explicitly made aware of such fact as they move from one company to the next within a SSO interaction.  Privacy legislation such as HIPPA and GLB are making these issues ever-more complex. As noted earlier, identity federation MUST accommodate the needs and desires of all three constituents, the individual, the business and the government. Once again, a pooling of resources within an identity federation can reduce redundancy and thereby alleviate or help to solve many of these issues.


Defining a Solution: The ATM Network Analogy
One potential framework which can serve as a model to understand how many of the challenges surrounding federated identity can be resolved can be found in the analogous history of the evolution of ATM and other financial networks.

For hundreds of years, the banking industry was characterized as a local or regional business. With the advent of ATM’s, it became possible to extend a bank’s presence to allow cash withdrawal 24/7 from a much greater number of locations. While this enhanced consumer convenience, it also created a problem, namely, how could individuals remove cash from ANY ATM, even if that ATM was not sponsored by the individual’s bank.
To resolve this issue, banks began to regionally establish ATM relationships with other banks, and to invest in connecting their systems electronically through dedicated links to one another. While this solved some of the problems, at least locally, it didn’t resolve how the traveling individual withdrew funds from an ATM in another state or country.

Once more, it was becoming increasingly cost-prohibitive for banks to negotiate and establish what appeared to be a never ending number of electronic relationships with other banks.

In response to this problem, national and international ATM networks were established to respond to this “PeeringNth” degree dilemma. By establishing a set of common operating rules and regulations, these new independent third party ATM networks were able to address the quality control issues surrounding minimum requirements and standardized procedures while at the same time reducing a requirement for every bank to communicate directly with every other bank (by offering transaction clearing house services).

At the core of many of these networks was a member-owned corporation that provided for a fair and equitable governance structure, affording its membership an opportunity to define for themselves the operating rules and minimum requirements with which they would engage one another.

Enter the PingID Network – An Identity Network Operator
The PingID Network is a member-owned, technology-neutral identity network, the first of its kind designed to provide the necessary business and legal framework for the accelerated development of wide-scale identity federation. 

The rapid adoption of identity services in the absence of formalized inter-company business processes, procedures and standards will result in a patchwork of isolated solutions and a growing and inefficient replication of unmanageable legal agreements. An organized effort is required to represent the best interests of the business community and the end-user at-large. This is accomplished by establishing the business process standards which are required to ensure security, reliability and interoperability.

By joining PingID, member-companies are afforded an opportunity to instantly engage all other Network members in quality assured identity-based interactions.

Member Services Include
• Standardized business / legal agreements for federation
• Standardized interoperability rules and dispute resolution procedures
• Shared services for enhanced interoperability and identity interchange

Member Benefits Include
• Reduced cost of federation – standardized agreements, shared resources and pooled knowledge make widespread FIM affordable across all market segments.
• Reduced complexity – as peering becomes standardized, it reduces a requirement to maintain one-off relationships.
• Increased interoperability – a standardized business framework combined with enhanced identity interchange services improves interoperability.
• Improved ability to comply with privacy legislation – by providing services which help individuals manage their privacy preferences, enterprises are better equipped to deal with existing and new privacy legislation.
• Improved trust – by providing enhanced services which enable distributed trust, companies can engage one another with increased confidence.
• Improved framework for resolving new issues – by providing defined procedures for resolving emerging issues, companies can spend less time focusing on identity and more time focusing on their business.


Businesses are challenged with two seemingly opposed trends, the need to increase access to information and the need to maintain security. As firewalls become increasingly semi-permeable, companies are forced to re-examine their approach towards security. New digital identity constructs are serving to help solve this dilemma, allowing known entities to access information with confidence, but new infrastructures are required to manage these identities. Corporations are now beginning to invest in identity management solutions to help them manage users, roles and permissions but these solutions do not address many of the issues that result from inter-company identity services (identity federation) such as shared sign-on. 

As companies enter into an ever-increasing number of electronic relationships which involve identity, there is a commensurate need for a common business framework that will provide for an adherence to consistent end-user handling, a means for dispute resolution and a baseline for privacy compliance.

Through common business frameworks, pooled resources and shared services, companies can efficiently and with confidence engage one another in wide-scale federated identity services.

The PingID Network is one such common business framework, designed to accelerate identity federation, improve confidence through quality assurance and minimum standards and reduce costs through shared services within a fair and equitable member-owned governance structure.  The PingID Network lays the foundation needed for quality-assured, wide-scale identity federation, enabling enhanced interoperability and improved reliability, security, and process efficiencies.

Download Whitepaper (PDF – 594k)
End of Whitepaper

(C) Copyright 2002-2004, Ping Identity Corporation