Welcome!

FinTech Journal Authors: Carmen Gonzalez, Elizabeth White, Zakia Bouachraoui, Yeshim Deniz, Liz McMillan

News Feed Item

OATH Releases First Reference Architecture for Open Authentication at Digital ID World

Initiative for Open AuTHentication (OATH) Meets Key Deliverable for New Industry Endorsed Reference Architecture for Open Authen

SAN FRANCISCO, May 10 /PRNewswire/ -- OATH, the initiative for Open AuTHentication, today announced that the organization has met one of its initial milestones with the release of version 1.0 of the OATH Reference Architecture. Availability of the Reference Architecture document, which provides the technical framework for open authentication as originally envisioned by OATH member companies, was announced by the organization at Digital ID World today in San Francisco.

The Reference Architecture provides a roadmap for OATH member companies and their authentication customers towards a comprehensive industry-endorsed solution. The architecture document covers four main areas: client framework, validation framework, client provisioning, and a common data model.

The key guiding principles behind the Reference Architecture include: -- Open and royalty-free specifications for strong authentication -- Device innovation and embedded specified technology building blocks for strong authentication -- Native platform support -- Interoperable modules that enable best-of-breed hardware and software solutions through a framework of interoperable components.

"The delivery of this new reference architecture document was on time and on target, said Bob Blakley, OATH Joint Coordination Committee (JCC) Chair and Chief Scientist (Security and Privacy), IBM. "This represents the first step towards our collective goal for developing strong authentication products and technologies based on open standards. This document also reflects the ability of OATH member companies to work together to promote the development of new industry-accepted standards for trusted security and authentication technologies. Our intent is to create an open reference architecture that will serve as a powerful mechanism to foster competition and innovation among key solution providers in identity management, security service providers, and application developers -- all towards a goal of universal strong authentication."

The Financial Services Technology Consortium (FSTC) welcomed the release of the first version of the OATH architecture.

"FSTC commends OATH on their efforts to drive open, interoperable, accessible, and secure authentication solutions into the marketplace said Zachary Tumin, Executive Director of FSTC. "The OATH initiative compliments our efforts to define industry-level business and operational requirements for stronger mutual authentication solutions in financial services and supports our primary mission to foster interoperability in the financial services industry."

"Authentication standards are one of the many technology security issues FSTC's members have been studying," said Jim Salters, Director of Technology Initiatives and Project Development at FSTC. "It's great to have another top- tier industry group like OATH supporting our collaborative efforts by focusing on one issue and taking it to the next level."

The Reference Architecture document's client framework section addresses topics of authentication methods, innovation in authentication tokens for multifunction purposes or mobile devices, token interfaces for one-time password tokens, and authentication protocols. The validation framework covers interfaces for protocol and validation handlers, and protocols used by applications to authenticate a user's credentials. OATH will develop a framework to let vendors develop standards-based provisioning protocols and evaluate the need to standardize on one or more provisioning protocols to target specific credential types. OATH will encourage the definition of standard user store extensions and OTP token meta-data to support open authentication.

The Reference Architecture document is free and available to interested organizations at http://www.openauthentication.org/reg.asp. Registration is required to access the document.

About the Initiative for Open AuTHentication

The Initiative for Open AuTHentication (OATH) is a collaboration of leading device, platform and application companies. OATH participants hope to foster use of strong authentication across networks, devices and applications. OATH participants work collectively to facilitate standards work and build a reference architecture for open authentication while evangelizing the benefits of strong interoperable authentication in a networked world. OATH is actively seeking all participants who share a common vision of open authentication.

OATH is dedicated to helping customers reduce the cost and complexity of deploying strong authentication within enterprises, and across the Internet. Since its formation, OATH's membership includes security industry leaders from token manufacturers, platform vendors, smartcard providers, and security services companies. End user companies are joining OATH to add their voice and ideas towards the goal of open authentication.

Some current OATH members include: ActivCard, Inc.; Aladdin Knowledge Systems; ARM; Assa Abloy ITG; AudioSmartCard; Authenex, Inc.; Aventail Corporation; Axalto, Inc.; BEA Systems; BMC Software; Checkpoint Software Technologies; Digital Persona; Diversinet Corp.; Entrust Technologies, Inc.; Forum Systems, Inc.; Gemplus Corp; IBM; IMCentric, Inc.; iovation; Juniper Networks, Inc.; K.K. Athena Smartcard Solutions; Livo Technologies SA; Passlogix, Inc.; Phoenix Technologies Ltd.; Protocom Development Systems, RedCannon Security, Inc.; SafeNet, Inc.; Signify; Smart Card Alliance; TriCipher, Inc.; VASCO Data Security; and VeriSign, Inc.

To learn how to participate, e-mail [email protected] or visit http://www.openauthentication.org/.

All company and product names are trademarks of their respective holders.

OATH

CONTACT: Dan Chmielewski, +1-949-231-2965 or
[email protected], or Joann Killeen, +1-310-476-6491 or
[email protected], both of Madison Alexander PR, Inc., for OATH

Web site: http://www.openauthentication.org/

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

IoT & Smart Cities Stories
Where many organizations get into trouble, however, is that they try to have a broad and deep knowledge in each of these areas. This is a huge blow to an organization's productivity. By automating or outsourcing some of these pieces, such as databases, infrastructure, and networks, your team can instead focus on development, testing, and deployment. Further, organizations that focus their attention on these areas can eventually move to a test-driven development structure that condenses several l...
The term "digital transformation" (DX) is being used by everyone for just about any company initiative that involves technology, the web, ecommerce, software, or even customer experience. While the term has certainly turned into a buzzword with a lot of hype, the transition to a more connected, digital world is real and comes with real challenges. In his opening keynote, Four Essentials To Become DX Hero Status Now, Jonathan Hoppe, Co-Founder and CTO of Total Uptime Technologies, shared that ...
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
Never mind that we might not know what the future holds for cryptocurrencies and how much values will fluctuate or even how the process of mining a coin could cost as much as the value of the coin itself - cryptocurrency mining is a hot industry and shows no signs of slowing down. However, energy consumption to mine cryptocurrency is one of the biggest issues facing this industry. Burning huge amounts of electricity isn't incidental to cryptocurrency, it's basically embedded in the core of "mini...
At CloudEXPO Silicon Valley, June 24-26, 2019, Digital Transformation (DX) is a major focus with expanded DevOpsSUMMIT and FinTechEXPO programs within the DXWorldEXPO agenda. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term. A total of 88% of Fortune 500 companies from a generation ago are now out of business. Only 12% still survive. Similar percentages are found throug...
Every organization is facing their own Digital Transformation as they attempt to stay ahead of the competition, or worse, just keep up. Each new opportunity, whether embracing machine learning, IoT, or a cloud migration, seems to bring new development, deployment, and management models. The results are more diverse and federated computing models than any time in our history.
Dion Hinchcliffe is an internationally recognized digital expert, bestselling book author, frequent keynote speaker, analyst, futurist, and transformation expert based in Washington, DC. He is currently Chief Strategy Officer at the industry-leading digital strategy and online community solutions firm, 7Summits.
Digital Transformation is much more than a buzzword. The radical shift to digital mechanisms for almost every process is evident across all industries and verticals. This is often especially true in financial services, where the legacy environment is many times unable to keep up with the rapidly shifting demands of the consumer. The constant pressure to provide complete, omnichannel delivery of customer-facing solutions to meet both regulatory and customer demands is putting enormous pressure on...
IoT is rapidly becoming mainstream as more and more investments are made into the platforms and technology. As this movement continues to expand and gain momentum it creates a massive wall of noise that can be difficult to sift through. Unfortunately, this inevitably makes IoT less approachable for people to get started with and can hamper efforts to integrate this key technology into your own portfolio. There are so many connected products already in place today with many hundreds more on the h...
The standardization of container runtimes and images has sparked the creation of an almost overwhelming number of new open source projects that build on and otherwise work with these specifications. Of course, there's Kubernetes, which orchestrates and manages collections of containers. It was one of the first and best-known examples of projects that make containers truly useful for production use. However, more recently, the container ecosystem has truly exploded. A service mesh like Istio addr...