Sun/Accenture take credit for SSL identity system

Project Mammoth, the ID systems management partnership from Sun and Accenture delivers

Sun Microsystems and Accenture demonstrated one of the first implementations of their joint identity systems management collaboration yesterday – a three factor remote access solution that uses a biometric smart card to authenticate users logging in to corporate apps via a secure sockets layer (SSL) virtual private network (VPN) connection.

The solution is based on a credit card sized finger print reader manufactured by Swiss company Axsionics. After users correctly identify themselves to the card using finger print scanning, the card reads an encrypted code from an internet portal, then translates it into a short five digit password that the user enters into the company SSL VPN to gain access.

“The process has to be repeated every time the user logs on, but it runs with every web browser so is quick and easy to deploy in multi-channel environments,” said Sun’s EMEA security lead Floris van den Dool.

The benefits of using the Axsionics card is that the identity system can be applied to mobile devices like PDAs and smartphones where long key input is difficult to achieve, added Accenture’s Antonio Samele.

“This is more convenient than typing, and because the algorithm is embedded in the card it is also faster,” he said.

Samele would not reveal how many customers are currently using the Accenture/Sun solution based on the Axsionics card, which is the result of a joint collaboration, project Mammoth, that the two companies formed in September last year.

“I was told that if I talked about cost they would shoot me,” said Samele, offering a rare insight into how Sun Microsystems treats its partners.

“It will depend on the volumes involved but it could be cheaper than using tokens for the same thing, and will be a one off purchase rather than subscription based.”

Project Mammoth has also created a systems identity manager application based on Java that is designed to improve user provisioning in Cisco, LDAP and Active Directory access platforms, and integrate with SAP based human resource systems.