HP Introduces Federated Identity Management Tool

HP has introduced identity management software that enables enterprise customers to allow their business partners secure access to information that resides on different systems across corporate boundaries. Announced at HP’s Software Universe event, HP OpenView Select Federation uses industry-standard federation protocols to link multiple accounts with different providers on the Internet so that authentication occurs only once and securely.

Analytical Summary

• Current Perspective: Slightly positive on HP’s announced OpenView Select Federation product. While the company has OEMed solid technology, it is surprising that, given its existing relationship with Ping Identity and recent acquisition of TruLogica, HP did not develop this product on its own.
• Vendor Importance: Moderate to HP, because Select Federation supports single sign-on capability in federated environments. Federated identity is a major requirement of identity management solutions, and this product provides HP with a standalone federated solution that should meet the needs of its most demanding clients.
• Market Impact: Low on the identity management market, because all of HP’s major competitors within the space already market federated solutions. HP is simply trying to catch up with market developments.

Perspective

We are taking a slightly positive stance on HP’s announcement that it will OEM federated identity technology from Trustgenix and rebrand it ‘HP OpenView Select Federation.’ While the Trustgenix technology is fairly mature and well-regarded, it is not clear when the product will be available and it also raises a few questions about previous HP federated efforts.

HP OpenView Select Federation provides single sign-on capability across organization boundaries. The product supports a broad set of industry standards (for example, SAML, Liberty Alliance, and WS Federation). It is deployed as a standalone product that can integrate with existing identity infrastructure, and it is not tightly coupled with Select Access. The product will be available in two versions. The Enterprise edition will support B2B applications, such as linking supplier and partner networks. The Premium edition is targeted at B2C applications, particular in telecommunications.

Nevertheless, the move does raise a few questions about levels of support for federation in the current HP portfolio. In December 2003, HP announced a major partnership with Ping Identity Corporation, in which HP committed, among other things, to embedding Ping code into SelectAccess that would support federated identity. It is not clear why the relationship with Ping was not renewed. It is also not clear how this announcement effects HP’s utilization of the TruLogica provisioning technology is acquired last spring. At the time, that acquisition was positioned as being largely driven by federation concerns. The Trustgenix product supports federated provisioning as well.

Competitive Positives

• HP OpenView Select Federation provides single sign-on capability across organization boundaries. The product will be available in two versions. The Enterprise edition will support B2B applications, such as linking supplier and partner networks. The Premium edition is targeted at B2C applications, particular in telecommunications.
• HP OpenView Select Federation is built on OEMed technology from Trustgenix. The Trustgenix IdentityBridge products are fairly mature, market proven, and well-regarded. This deal should allow HP to field a federated solution quickly.
• Select Federation is free standing and can interoperate with any existing identity infrastructure. This is an important aspect of the product and one that follows moves by most of the major access management vendors.
• Select Federation offers broad support of industry specifications, including SAML, Liberty Alliance, and WS Federation. The product supports SAML 1.1 and SAML 1.0, and it imparts identity provider (SAML producer) and service provider (SAML consumer) capabilities. Liberty Alliance support includes ID- WSF and certified interoperability for Liberty ID-FF 1.1 and 1.2.

Competitive Concerns

• It is not clear why the relationship with Ping was not renewed. There is significant overlap in the Ping and Trustgenix products.
• It is also not clear how the provisioning technology HP acquired from TruLogica last spring to further its federated strategy factors into this announcement. HP emphasized that the TruLogica deal was important to its federated goals, but the Trustgenix solution supports cross-domain provisioning and activation.
• This announcement will not change the perception that HP trails it major competitors in the identity management space technologically. Its decision not to acquire or develop federated identity technology will also raise some questions about how strategic the company feels federated technology is to identity management.