ARCHIVE
ID Number: FT-20-7798



This research is provided for historical perspective;
portions of this document may not reflect current conditions.





Southwest Airlines Shows SAML's Promise
13 August 2003
 
Ray Wagner   Roberta J. Witty  

Southwest Airlines' decision to use Security Assertion Markup Language (SAML) to authenticate communications with external business partners is a sign of things to come.






Browse Topics


Other Options







Contact Gartner






Download Document:

PDF
southwest_airli...pdf (111.4KB)

Help with Downloads




News Analysis



Event

On 12 August 2003, Oblix, which develops identity-based security solutions, announced that Southwest Airlines has completed a large-scale implementation of the Oblix NetPoint identity management and access control product. The NetPoint implementation uses single sign-on based on the SAML standard to secure communications within Southwest's internal networks and with its suppliers and other external business partners.
Return to Top


Analysis

Southwest is one of the first to use SAML-enabled identity management on a large scale to perform cross-domain trust. This implementation also marks an early step in the movement toward federated identity management. However, this approach appears to deliver many of the real-world benefits of federated identity management without the use of additional technologies or standards, such as Liberty and WS-Federation.

The Oblix system enables Southwest to vouch for the identity of an employee who accesses external partners' networks (for example, an aircraft mechanic looking for technical documentation). The partner grants session access to the Southwest employee without performing authentication on its own site. With this approach, Southwest enjoys enhanced employee productivity, and the external partner does not need to manage credentials for large numbers of outside users.

According to some estimates, identity management solutions deliver an average three-year return on investment of as much as 300 percent. The use of standards such as SAML may drive up return on investment still further by offering cost savings for security administration, help desk support and application development. Through 2005, 80 percent of federated identity projects will be simple cross-domain trust initiatives between two enterprises with established partnerships (0.8 probability). SAML will be the leading standard for business-to-business single sign-on through 2006 (0.8 probability).

Bottom Line: Enterprises that manage large numbers of external identities should consider SAML-based cross-domain trust.

Analytical Sources: Ray Wagner and Roberta Witty, Gartner Research

Written by Terry Allan Hicks, Gartner News

Recommended Reading and Related Research

(You may need to sign in or be a Gartner client to access all of this content.)
Return to Top







Browse Topics:
 
Identity and Access Management
Federated Identity




© 2003 Gartner, Inc. and/or its Affiliates. All Rights Reserved. Reproduction and distribution of this publication in any form without prior written permission is forbidden. The conclusions, projections and recommendations represent Gartner's initial analysis. As a result, our positions are subject to refinements or major changes as Gartner analysts gather more information and perform further analysis. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartner's research may discuss legal issues related to the information technology business, Gartner does not provide legal advice or services and its research should not be construed or used as such. Gartner shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof. The opinions expressed herein are subject to change without notice.




Resource Id: 406863