OASIS Federated Identity Lab Demonstrates SAML 2.0 Interoperability for GSA E-Gov's E-Authentication Initiative

["Carol Geyer" <carol.geyer@oasis-open.org>]

OASIS Federated Identity Lab Demonstrates SAML 2.0 Interoperability for GSA E-Gov's E-Authentication Initiative

Computer Associates, DataPower Technology, Entrust, Hewlett-Packard Company, Oracle, RSA Security, Sun Microsystems, and Others
Showcase Authentication and Authorization Standard at RSA Conference

San Francisco, CA, USA; 2005 RSA Conference; 16 February 2005 -- Thirteen vendors from around the world teamed with the U.S. General
Service Administration (GSA) E-Gov E-Authentication Initiative to demonstrate interoperability of the Security Assertion Markup
Language (SAML) 2.0, a security specification developed by the OASIS standards consortium. SAML enables secure exchange of
authentication, attribute, and authorization information between disparate security domains, making secure Internet e-business
transactions possible. 

The OASIS Federated Identity InterOp Lab, co-sponsored by GSA E-Authentication Initiative, Enspier, and RSA Security, demonstrated a
combination of web single sign-on, and single logout scenarios.

"SAML 2.0 brings together SAML 1.x, Liberty Alliance and Shibboleth functionality to provide a logical convergence point for new
products and deployments in the coming months," said Dan Blum, Senior Vice President and Research Director, Burton Group. "This
OASIS InterOp demonstration offers an important proof-of-concept for the new specification."

According to Stephen Timchak, GSA Program Executive, "The E-Authentication Initiative is committed to helping drive the evolution of
federated identity management, and that's why we are excited to sponsor the OASIS Federated Identity InterOp on SAML 2.0 at RSA
2005. I believe that the E-Authentication-sponsored SAML 1.1 interoperability event at last year's RSA conference helped speed the
evolution of the SAML standard, and we look forward to being enthusiastic adopters SAML 2.0 when it qualifies for inclusion in the
E-Authentication architecture."


Vendors Collaborate on SAML Interoperability

Computer Associates
"CA's active participation in this year's OASIS SAML Interoperability Lab highlights CA's ongoing commitment to supporting
federation standards that empower global enterprises to quickly and easily deliver secure business services," said Marc Chanliau,
eTrust product manager at Computer Associates. "As one of the co-founders of the SAML specification, CA is delighted to see SAML
2.0's latest enhancements which will enable our diverse customer base to further extend their federation initiatives and realize the
full business benefits of standards-based identity management."

DataPower
"Because organizations cannot possibly agree on a single vendor solution for identity, traditional, proprietary SSO is impractical
for federated identity across extranets and Web services. By validating complete SAML interoperability of DataPower's XS40 XML
Security Gateway, we ensure that our customers are getting an open, standards-based solution for federated identity. For the second
year in a row, DataPower is participating in OASIS SAML InterOp at the RSA Conference, an event that has done so much to advance the
vision of 'identity as a service,'" said Eugene Kuznetsov, CTO founder of DataPower.

Entrust
"OASIS SAML 2.0 represents convergence within the SAML standard and signals the widespread acceptance and increasing importance of
Federated Identity standards for interoperability between partner domains," said Chris Voice, Vice President of Technology at
Entrust, Inc. "Our participation in the OASIS Federated Identity InterOp Lab demonstrates our ongoing support of open standards such
as SPML, XACML and SAML."

Oracle
"It is evident that Web services are rapidly becoming the cornerstone for integration and B2B transactions. SAML 2.0 will further
propagate the use of Web services for federated identity management to securely connect customers, partners and employees with the
information they need," said Uppili Srinavasan, senior director, Identity Management and Security Products, at Oracle Corp.
"Oracle's participation in this demonstration illustrates our support for the specification and its ability to enable the secure
exchange of information among partners."

RSA Security
"By embracing SAML.2.0 - a convergence standard that is a cornerstone in the future of identity federation - the technology industry
will enable companies to collaborate efficiently and securely, across business boundaries," said Toffer Winslow, director of product
management and marketing at RSA Security.  "RSA Security is proud of its role in contributing intellectual property that led to
SAML, and in co-authoring the standard. We're delighted to see that a broad range of vendors -- including RSA Security -- are
committed to bringing interoperable solutions to market."

Sun Microsystems
"Sun continues to drive identity management and Web services standards both through our participation with organizations, such as
OASIS and the Liberty Alliance, as well as providing full support of the latest standards within our products," said Sara Gates vice
president identity management, Sun Microsystems, Inc.  "Sun is proud to have been a supporter of SAML from its inception, and we are
pleased to showcase SAML 2.0 interoperability between Sun Java System Access Manager and other vendors products at the RSA
Conference."



About OASIS

OASIS (Organization for the Advancement of Structured Information Standards) is a not-for-profit, global consortium that drives the
development, convergence, and adoption of e-business standards. Members themselves set the OASIS technical agenda, using a
lightweight, open process expressly designed to promote industry consensus and unite disparate efforts. OASIS produces worldwide
standards for security, Web services, conformance, business transactions, electronic publishing, topic maps and interoperability
within and between marketplaces. Founded in 1993, OASIS has more than 4,000 participants representing over 600 organizations and
individual members in 100 countries. Approved OASIS Standards include AVDL, CAP, DocBook, DSML, ebXML, SAML, SPML, UBL, UDDI,
WS-Reliability, WSRP, WSS, XACML, and XCBF. http://www.oasis-open.org


Additional information:

OASIS Federated Identity InterOp Lab
RSA Conference Booth #1242

OASIS Security Services Technical Committee http://www.oasis-open.org/committees/security

GSA eAuthentication Program
http://cio.gov/eauthentication

Press contact:
Carol Geyer
Director of Communications
OASIS
carol.geyer@oasis-open.org
+1.978.667.5115 x209