Back to article
Novell Lets Bandit Loose
Passwords, Passwords, Passwords
June 16, 2006
Managing your identity in the Internet of 2006 is a complex Web that requires multiple identities and passwords for multiple sites and services.
Enter the Bandit project.
This open source effort led by Novell aims to integrate disparate identity standards and projects in an effort to help create an identity system that spans the Internet. Tall order indeed.
"What we want to do is to provide a consistent identity fabric for interactions across the network," Dale Olds, distinguished engineer at Novell told LinuxPlanet. "Similar to how the TCP stack and sockets interface and BIND DNS were foundational components for the Web, we're hoping to build in the identity fabric.
Formerly announced Monday, Bandit actually went live in February. Olds said it has been in a grassroots phase since then and is now looking for wider community involvement.
Bandit integrates a number of different initiatives and open standards to identity management. Among them is an implementation of the open source Higgins framework which is seen as an open source affront to Microsoft's InfoCard single sign initiative. Project Higgins is an effort in which Novell, IBM and other collaborate on an identity framework that enables users to integrate profile and identity information across disparate systems. Bandit calls its implementation of Higgins, "The Common Identity Service."
Olds explained that Novell both contributes to and uses Higgins, but there is more that Bandit will do.
"They [Higgins] are focused on identity abstraction where we are focused on what has traditionally been enterprise capabilities on top of identity," Olds said.
Other Bandit components include The Common Authentication Services Adapter (CASA), which enables interoperable authentication for sign-on systems, and the Role Engine service for role-based authorization. On the auditing side, the Audit Record Framework service will deliver a compliance API as well as open auditing of records from Bandit.
"One of the challenges we face is that this is yet another product, another standard that is somehow trying to vie for shelf space with all the other standards," Olds said. "I think that the challenge in that is to execute, build worthwhile components and show that we're trying to pull things together and not fragment them."
Bandit isn't necessarily going to unify all of the various identity standards and project either.
"I wouldn't presume that we could unite all of the standards," Olds admitted. "But our goal is to make as many of them work together and to present as coherent a set of identity services as possible."
Olds argued against any perception that Novell, as sponsor, is in a position to unduly influence the project. He noted that Red Hat, Intel, Sun, Microsoft, and Symantec and other companies are cited in the project's official launch press release with quotes of support for the effort.
"We're trying to integrate those systems and be collaborative about it," Olds commented. "There is no advantage to Novell or any other vendor to have isolated pockets of identity."
As an example Olds noted that there would be no advantage to having an email system that couldn't talk to other email systems. In his view, Identity should be the same with multiple systems able to communicate with each other.
Regardless of what Novell actually does or doesn't do with Bandit, the project is an open source project with code licensed under the GPL and the LGPL Free Software licenses. As such anyone can take the code, use it and even add to it so long as they contribute their changes back to the community.
This story first appeared on internetnews.com, a JupiterWeb site.