.comment-link {margin-left:.6em;}

Tuesday, January 17, 2006

New Report on Federated Identity and IMS

(The IMS Insider Global Online IMS Attitude Survey. Just 14 days to go till it closes. Please take part if you haven't already. It takes 10 minutes to complete. Full free report to participants-only in February. Go to: http://www.surveymonkey.com/s.asp?u=909631592609.)

I'm delighted to announce the publication of this month's IMS Insider Report (to access it go
www.ims-insider.com). Below is a taster from the Introduction (and an example of how France Telecom is approaching the topic).

The Editor

...In this edition of IMS Insider, we introduce readers to the concept of Federated Identity – a way for mobile operators to securely and automatically broker customer identity information across a network of online service providers to provide a larger volume of personalised and relevant IP-based services to end-users without them having to undertake multiple log-ins with sign-ons. It’s all the rage with the R&D departments at the most of the mobile and FMC operators in Europe. But why is it relevant to IMS?

If we think of the end goal of enabling the customer to experience a far richer set of relevant services, IMS provides network capabilities to support the operator deliver its own branded offerings, while Federated Identity enables the operator to be at the centre of delivering a continual stream of innovative new 3rd party services to the customer…while at the same time and retaining control of the billing relationship.

Just like IMS, Federated Identity is coming out of the technology ‘closet’ right now. The major operators (led by the Europeans) have been running trials over the last year and more and more RFP’s are emerging on the market.

This month's IMS Insider describes the concept in detail, we introduce the Liberty Alliance (
www.projectliberty.org) and its glossary of Federated Identity terms, and shows how it relates to and enhances the (IMS based) future Movie download service proposition we presented last month and which ranked high on our ‘IP-Services Revenue Scorecard’.

Our view is that mobile and FMC operators can gain best competitive advantage by developing a commercial strategy for IMS in tandem with Federated Identity. These are two breakthrough concepts that will suffer from being silo’d.

Case Study – France Telecom

France Telecom Group (FT) was a founding member of the Liberty Alliance in 2001. They joined because there was a growing need to minimize the number of login/passwords for the end user, a need for share user profiles between services within the Group. At the time the existing ways of doing this were not satisfactory.

Ultimately, FT is aiming to move from an account-centric to a user-centric business model: “The customer is at the heart of his personal universe” is how they describe it. It is looking to increase customer satisfaction by breaking down the boundaries between its service offers (FT, Wanadoo, Orange, and Equant) – a so called ‘integrated operator’ strategy.

It recognizes it has two key challenges to achieving this. Firstly, creating a large community of 3rd party Service Providers for the group’s customers and, secondly, creating effective synergy between the FT group Business Units.

To creating a community of 3rd party Service Providers it is looking to simplify and harmonize the process of on-boarding them – from an integration for each Business unit to one standard integration. It is also looking to consolidate the existing third party services catalogues that are available in 7 countries (via Orange) onto one central service platform.

To achieve this, FT needed a standard, and Liberty Alliance federated identity approach was chosen. FT wanted to simplify access to FT services for all its customer. It wanted to be able to create a synergistic set of new combined (‘convergent’) offers and offer a high quality user experience through Single Sign-On.

FT chose Liberty because it was (and is) the only existing standard for federation, it is secure and privacy-friendly, it is adaptable to specific operator requirements, there are existing products to support it with proven interoperability (to minimize costs of integration and testing), and because it is simple to integrate with for 3rd party service providers (due to links with open source libraries).

Wanadoo is currently using Liberty standards for all its own brand and affiliate services. While the aim is for Orange to provide a central technical framework for content adaptation, mobile and web portal, access to Orange ‘enablers’ (SMS, MMS, Location, etc) and billing integration. Orange will also provide a Single Sign On service for 3rd party service providers and for internal components, and will also provide its own branded services. (This is a good example of the mobile operator as a Federated Identity Provider).

The main lessons from FT deployments to date are:
- Interoperability is a reality, not just a promise
- There are still some technical and business challenges
- The Single-Sign-On mechanism can be difficult to achieve and may not be the same between Circles of Trust.
- Agreement on authentication levels is not easy to establish
- There are user experience issues around creating the Federation mechanism
- Session Management can be difficult to organize due to different requirements between parties in a Circle of Trust.
- Finalizing agreements between partners takes a lot of time, but it is worth it!

To address some of these issues in a wider context FT is part of a project called 'Fidelity' recently set up with the R&D functions of a number of other telco members of Liberty Alliance – TeliaSonera, Amena, Telenor, Erisson. The aim is to thoroughly trial the Liberty approach in real life situations across multiple countries and companies in Europe. Four ‘Circles of Trust’ are currently being established, with mobile operators as Federated Identity Providers, in Norway, Finland, Spain and France. The trial will help to refine use cases, and will include smart cards, non HTTP services and mobile telephony services. Interoperable tests will be held in mid 2006.

The Editor

Comments: Post a Comment

<< Home

This page is powered by Blogger. Isn't yours?