The Portland Group
Oakridge Top Right

Since 1986 - Covering the Fastest Computers
in the World and the People Who Run Them

Language Flags

Visit additional Tabor Communication Publications

Enterprise Tech
HPCwire Japan

Ping Identity Debuts Standalone WS-Trust Security Token Server

Ping Identity Corp., a provider of federated identity and Web single sign-on software, announced the general availability of PingTrust, the first standalone WS-Trust Security Token Server available on the market. PingTrust creates and validates security tokens that are bound into SOAP messages per the Web Services Security (WSS) standard, bringing standards-based, trusted user identity to Web Services and Service-Oriented Architectures (SOAs). PingTrust is now available for free download from under Ping's innovative Federate Now! Program.

Applications depend on user-level identity to protect critical resources, generate audit trails for regulatory compliance and support user-based billing. However, Web Services and SOA have lacked standards-based mechanisms for enabling trusted user identity, making these important functions difficult -- if not impossible -- without introducing proprietary application-level extensions that breach Web Services principles and introduce questionable security.

PingTrust builds on two open security standards that set the stage for true interoperability and a solution that scales. OASIS Web Services Security 1.0 (formerly WS-Security) allows for the embedding of security tokens in SOAP messages, while WS-Trust establishes a mechanism for obtaining and validating tokens from a Security Token Service (STS). PingTrust is such an STS. It supports both .NET and Java applications, Web-based and rich clients. PingTrust can operate on the Web Services Client-side, Provider-side or both sides of a Web Service transaction.

"With PingTrust, the concept of user session no longer ends at the application a user originally logs into, either directly or via federation," commented Patrick Harding, chief technical officer of Ping Identity. "Instead, user session and identity now follow SOAP messages wherever they may go throughout the SOA."

"By supporting WS-Trust, Ping Identity is providing a Security Token Service that can participate in the Identity Metasystem. This enables identity information to be exchanged using industry standard Web services, regardless of the underlying platforms," said Michael Stephenson, director of identity and access at Microsoft. "We look forward to Ping's products interoperating with Microsoft technologies, including .NET, Active Directory and the upcoming 'InfoCard' technology."

Using PingTrust, a Web Services client can exchange the security token being used in the local security domain, such as a Kerberos ticket, for a SAML token that represents the original user's identity in other federated security domains, including those at other companies. After being bound into a SOAP message and delivered to a Web Services Provider, the Provider will know who originated the request and will be able to use that information in determining how to process the request.

"Ping has leveraged the insights of Fidelity Investments as a design partner to create its market-leading Security Token Server for Web Services security and federated Web Services," said Dave Power, partner at Fidelity Investments.

PingTrust is a lightweight, standalone, modular product that:

  • Provides out-of-the-box support for several token types including SAML 1.1 and SAML 2.0, x.509, Kerberos and username/password, and is extensible to support custom tokens.
  • Provides a Web-based console for 100 percent GUI configuration.
  • Moves identity-related security and cryptography code out of applications by consolidating security token processing into a centralized, shared server.
  • Aggregates trust management to dramatically simplify administration.
  • Does not require a heavyweight identity management system.

Most Read Features

Most Read Around the Web

Most Read This Just In

Most Read Blogs

Sponsored Whitepapers

Breaking I/O Bottlenecks

10/30/2013 | Cray, DDN, Mellanox, NetApp, ScaleMP, Supermicro, Xyratex | Creating data is easy… the challenge is getting it to the right place to make use of it. This paper discusses fresh solutions that can directly increase I/O efficiency, and the applications of these solutions to current, and new technology infrastructures.

A New Ultra-Dense Hyper-Scale x86 Server Design

10/01/2013 | IBM | A new trend is developing in the HPC space that is also affecting enterprise computing productivity with the arrival of “ultra-dense” hyper-scale servers.

Sponsored Multimedia

Xyratex, presents ClusterStor at the Vendor Showdown at ISC13

Ken Claffey, SVP and General Manager at Xyratex, presents ClusterStor at the Vendor Showdown at ISC13 in Leipzig, Germany.

HPCwire Live! Atlanta's Big Data Kick Off Week Meets HPC

Join HPCwire Editor Nicole Hemsoth and Dr. David Bader from Georgia Tech as they take center stage on opening night at Atlanta's first Big Data Kick Off Week, filmed in front of a live audience. Nicole and David look at the evolution of HPC, today's big data challenges, discuss real world solutions, and reveal their predictions. Exactly what does the future holds for HPC?


Stay informed! Subscribe to HPCwire email Newsletters.

HPCwire Weekly Update
HPC in the Cloud Update
Digital Manufacturing Report
HPCwire Conferences & Events
Job Bank
HPCwire Product Showcases


HPC Job Bank

Featured Events

HPCwire Events