Novell's Bandit to deliver open source identity system

The Bandit project aims to create open-source code for authenticating user roles and enforcing policies

Novell has unveiled an open-source identity management project, called Bandit, aimed at linking disparate systems and offering a more consistent approach to controlling users’ access and identities.

Novell said it has contributed code and engineering resources to the project to enable a uniform approach to identity issues such as role-based access and regulatory compliance reporting. The objective is to provide firms with freely-available code that they can overlay on their existing identity management systems and standardise features such as authentication, roles and policies.

Novell has gathered support for Bandit from various giants in the IT industry, including Sun Microsystems, Microsoft and Intel.

Richard Whitehead, a director of product marketing at Novell, said that Bandit is aimed at bringing together disparate identity systems and addressing common identity management needs, such as authentication, tighter security and roles. “We want to help organisations link their own in-house identity systems and offer a common way to use that information,” he added.

The Bandit project will work with existing open-source identity standards such as the Liberty Alliance and WS- specifications, according to Novell. It will also support Project Higgins, another open-source identity project from Novell, IBM and Parity Communications that is designed to help individuals protect their identities online.

Whitehead said that Bandit will leverage and contribute code to the Higgins initiative, so components can be shared rather than be worked on separately.

The resulting code will be available through the open-source community and will also be built into Novell products. “Firms can make use of the code to build an identity layer over their existing systems without needing to make an investment in Novell,” Whitehead said.

Although the Bandit project has been underway for several months, it was only formally launched this week. Whitehead said this was due to Novell wanting to come to market with a project that already had industry and open-source backing. “We didn’t want to come out of the gate without the pieces in place, and we also wanted some time after the launch of Higgins in February.”

Firms can make use of four identity components that are already available under the scheme, including one for authentication and another for auditing.