Welcome!

Government Cloud Authors: Elizabeth White, Liz McMillan, Pat Romanski, Dana Gardner, Gopala Krishna Behara

News Feed Item

OATH Releases First Reference Architecture for Open Authentication at Digital ID World

Initiative for Open AuTHentication (OATH) Meets Key Deliverable for New Industry Endorsed Reference Architecture for Open Authen

SAN FRANCISCO, May 10 /PRNewswire/ -- OATH, the initiative for Open AuTHentication, today announced that the organization has met one of its initial milestones with the release of version 1.0 of the OATH Reference Architecture. Availability of the Reference Architecture document, which provides the technical framework for open authentication as originally envisioned by OATH member companies, was announced by the organization at Digital ID World today in San Francisco.

The Reference Architecture provides a roadmap for OATH member companies and their authentication customers towards a comprehensive industry-endorsed solution. The architecture document covers four main areas: client framework, validation framework, client provisioning, and a common data model.

The key guiding principles behind the Reference Architecture include: -- Open and royalty-free specifications for strong authentication -- Device innovation and embedded specified technology building blocks for strong authentication -- Native platform support -- Interoperable modules that enable best-of-breed hardware and software solutions through a framework of interoperable components.

"The delivery of this new reference architecture document was on time and on target, said Bob Blakley, OATH Joint Coordination Committee (JCC) Chair and Chief Scientist (Security and Privacy), IBM. "This represents the first step towards our collective goal for developing strong authentication products and technologies based on open standards. This document also reflects the ability of OATH member companies to work together to promote the development of new industry-accepted standards for trusted security and authentication technologies. Our intent is to create an open reference architecture that will serve as a powerful mechanism to foster competition and innovation among key solution providers in identity management, security service providers, and application developers -- all towards a goal of universal strong authentication."

The Financial Services Technology Consortium (FSTC) welcomed the release of the first version of the OATH architecture.

"FSTC commends OATH on their efforts to drive open, interoperable, accessible, and secure authentication solutions into the marketplace said Zachary Tumin, Executive Director of FSTC. "The OATH initiative compliments our efforts to define industry-level business and operational requirements for stronger mutual authentication solutions in financial services and supports our primary mission to foster interoperability in the financial services industry."

"Authentication standards are one of the many technology security issues FSTC's members have been studying," said Jim Salters, Director of Technology Initiatives and Project Development at FSTC. "It's great to have another top- tier industry group like OATH supporting our collaborative efforts by focusing on one issue and taking it to the next level."

The Reference Architecture document's client framework section addresses topics of authentication methods, innovation in authentication tokens for multifunction purposes or mobile devices, token interfaces for one-time password tokens, and authentication protocols. The validation framework covers interfaces for protocol and validation handlers, and protocols used by applications to authenticate a user's credentials. OATH will develop a framework to let vendors develop standards-based provisioning protocols and evaluate the need to standardize on one or more provisioning protocols to target specific credential types. OATH will encourage the definition of standard user store extensions and OTP token meta-data to support open authentication.

The Reference Architecture document is free and available to interested organizations at http://www.openauthentication.org/reg.asp. Registration is required to access the document.

About the Initiative for Open AuTHentication

The Initiative for Open AuTHentication (OATH) is a collaboration of leading device, platform and application companies. OATH participants hope to foster use of strong authentication across networks, devices and applications. OATH participants work collectively to facilitate standards work and build a reference architecture for open authentication while evangelizing the benefits of strong interoperable authentication in a networked world. OATH is actively seeking all participants who share a common vision of open authentication.

OATH is dedicated to helping customers reduce the cost and complexity of deploying strong authentication within enterprises, and across the Internet. Since its formation, OATH's membership includes security industry leaders from token manufacturers, platform vendors, smartcard providers, and security services companies. End user companies are joining OATH to add their voice and ideas towards the goal of open authentication.

Some current OATH members include: ActivCard, Inc.; Aladdin Knowledge Systems; ARM; Assa Abloy ITG; AudioSmartCard; Authenex, Inc.; Aventail Corporation; Axalto, Inc.; BEA Systems; BMC Software; Checkpoint Software Technologies; Digital Persona; Diversinet Corp.; Entrust Technologies, Inc.; Forum Systems, Inc.; Gemplus Corp; IBM; IMCentric, Inc.; iovation; Juniper Networks, Inc.; K.K. Athena Smartcard Solutions; Livo Technologies SA; Passlogix, Inc.; Phoenix Technologies Ltd.; Protocom Development Systems, RedCannon Security, Inc.; SafeNet, Inc.; Signify; Smart Card Alliance; TriCipher, Inc.; VASCO Data Security; and VeriSign, Inc.

To learn how to participate, e-mail [email protected] or visit http://www.openauthentication.org/.

All company and product names are trademarks of their respective holders.

OATH

CONTACT: Dan Chmielewski, +1-949-231-2965 or
[email protected], or Joann Killeen, +1-310-476-6491 or
[email protected], both of Madison Alexander PR, Inc., for OATH

Web site: http://www.openauthentication.org/

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

IoT & Smart Cities Stories
IT professionals are also embracing the reality of Serverless architectures, which are critical to developing and operating real-time applications and services. Serverless is particularly important as enterprises of all sizes develop and deploy Internet of Things (IoT) initiatives. Serverless and Kubernetes are great examples of continuous, rapid pace of change in enterprise IT. They also raise a number of critical issues and questions about employee training, development processes, and opera...
AI and machine learning disruption for Enterprises started happening in the areas such as IT operations management (ITOPs) and Cloud management and SaaS apps. In 2019 CIOs will see disruptive solutions for Cloud & Devops, AI/ML driven IT Ops and Cloud Ops. Customers want AI-driven multi-cloud operations for monitoring, detection, prevention of disruptions. Disruptions cause revenue loss, unhappy users, impacts brand reputation etc.
This month @nodexl announced that ServerlessSUMMIT & DevOpsSUMMIT own the world's top three most influential Kubernetes domains which are more influential than LinkedIn, Twitter, YouTube, Medium, Infoworld and Microsoft combined. NodeXL is a template for Microsoft® Excel® (2007, 2010, 2013 and 2016) on Windows (XP, Vista, 7, 8, 10) that lets you enter a network edge list into a workbook, click a button, see a network graph, and get a detailed summary report, all in the familiar environment of...
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
Atmosera delivers modern cloud services that maximize the advantages of cloud-based infrastructures. Offering private, hybrid, and public cloud solutions, Atmosera works closely with customers to engineer, deploy, and operate cloud architectures with advanced services that deliver strategic business outcomes. Atmosera's expertise simplifies the process of cloud transformation and our 20+ years of experience managing complex IT environments provides our customers with the confidence and trust tha...
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
The Japan External Trade Organization (JETRO) is a non-profit organization that provides business support services to companies expanding to Japan. With the support of JETRO's dedicated staff, clients can incorporate their business; receive visa, immigration, and HR support; find dedicated office space; identify local government subsidies; get tailored market studies; and more.
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
As you know, enterprise IT conversation over the past year have often centered upon the open-source Kubernetes container orchestration system. In fact, Kubernetes has emerged as the key technology -- and even primary platform -- of cloud migrations for a wide variety of organizations. Kubernetes is critical to forward-looking enterprises that continue to push their IT infrastructures toward maximum functionality, scalability, and flexibility. As they do so, IT professionals are also embr...
In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, discussed how Dice leverages data insights and tools to help both tech professionals and recruiters better understand how skills relate to each other and which skills are in high demand using interactive visualizations and salary indicator tools to maximize earning potential. Manish Dixit is VP of Product and Engineering at Dice. As the leader of the Product, Engineering and Data Sciences team at D...