WSO2 debuts Cloud Identity to simplify Identity Management and Authentication in the Cloud

With WSO2 Cloud Identity, Users Can Sign On Once to Access Multiple Enterprise and Cloud Applications

Mountain View, CA – February 17, 2010 – WSO2, the lean enterprise middleware company, today announced the debut of WSO2 Cloud Identity. The newest hosted WSO2 Cloud Service helps companies eliminate the complexity of deploying identity management and authentication across multiple SaaS (software as a service) applications as well as internal and traditional systems. By supporting a broad set of authentication and security standards, WSO2 Cloud Identity gives administrators a central identity management system while users gain single sign-on access to different cloud applications. Initial cloud application support includes Google Apps, which is available with today’s beta release of WSO2 Cloud Identity, and Salesforce.com, which will be added at the end of the month.

Comprehensive identity management primarily has been the domain of large enterprises with the budgets, resources and technical staff to implement them. WSO2 Cloud Identity lowers the barriers for small and medium businesses by eliminating the need for internal software, dedicated hardware, and systems administrators. Instead, WSO2 provides enterprise identity management as a simple-to-manage, pay-as-you-go hosted service that can scale to meet companies’ needs.

“SaaS and other applications in the cloud have played a remarkable role in making enterprise-class applications accessible and affordable for small and medium-size businesses,” said Paul Fremantle, WSO2 co-founder and CTO. “With our WSO2 Cloud Identity, those companies now have an enterprise-class system that offers easy set up and enables a centralized, scalable approach to identity management and authentication across all their applications running in the cloud.”

WSO2 Cloud Identity for Proven Identity Management

WSO2 Cloud Identity is based on the proven functionality of the open source WSO2 Identity Server, which supports open identity standards. The WSO2 Cloud Identity offering is completely self-service; it allows each company or organization to register and configure its own domain, add users, and start using the service from day one with no software setup. The WSO2 Cloud Services team manages the system on a scalable, reliable, infrastructure providing a one-stop service for identity across the Web and internal systems.

WSO2 Cloud Identity enables administrators to provide strong authentication using electronic IDs for users based on popular open standards. These include the Security Assertion Markup Language (SAML) 2.0, OpenID and Information Card token-based standards. WSO2 Cloud Identity can issue cards or tokens for identity management, as well as support incoming SAML 2.0, OpenID and CardSpace authentication requests. WSO2 Cloud Identity offers fine-grained authorization support for cloud applications and Web services through the WSO2 entitlement engine, which adheres to the OASIS eXtensible Access Control Markup Language 2.0 (XACML 2.0) standard.

The result is that for the first time, companies of any size can get enterprise-class identity and entitlement management unified for both internal and externally hosted applications, running in the cloud with no need for a systems administrator or dedicated hardware. The Web-based administration and configuration model means that the system can be configured easily and effectively from any Web browser.

In addition, WSO2 Cloud Identity supports domain mapping technologies that allow companies or organizations to properly map the WSO2 Cloud Identity system to their own Web domain. This, together with branding and theming support, ensures that organizations can build a seamless, secure, branded identity management model in the cloud. Other key features of WSO2 Cloud Identity include:

  • Claim-based security token service for mapping user attributes to defined claims, which can be used to enable identity federation with claim-aware Web services, and lets users restrict which information they share with third parties.
  • Multifactor authentication for OpenID based on the Extensible Messaging and Presence Protocol (XMPP) standard complements the multifactor authentication already available with Information Cards since version 1.5 of WSO2 Identity Server.
  • User Profiles and profile configuration management component to simplify adding, modifying and deleting user profiles, and profile management.
  • Statistics, reporting and an audit trail, which enable administrators to monitor user accounts and issuances of information cards and tokens for login requests to relying party Web applications.
  • Revoking mechanism so administrators can revoke issued information cards and block them from being used for authentication.

Availability and Support

The WSO2 Cloud Identity beta release is available today at http://identity.cloud.wso2.com from WSO2 and includes product support. There is no charge for limited use during the initial evaluation period. Ongoing pricing will be announced at a future date. WSO2 offers a range of additional service and support options, including consulting and implementation support. For information on service and support packages, visit http://wso2.com/support.