Client Devices

With a roadmap to deliver an end-to-end digital identity management framework that provides enterprise users and consumers with increased identity management functionality across all networks and devices, federation and identity web services functionality at the client device level is naturally a part of the Liberty solution.

The client device solution has evolved in phases with each new release of Liberty framework functionality. In Phase One Liberty Alliance defined the LECP (Liberty Enabled Client/Proxy) which was incorporated into SAML 2.0 and supports federation operations as the Enabled Client/Proxy. The Active Client is part of Phase Two and provides client-based Web services functionality, single sign-on into Liberty Web Services and support for any authentication model. The Advanced Client Technology represents the Third Phase of Liberty’s ongoing work in delivering increased identity management functionality to client devices. Work on the Robust Client specifications, Phase Four, is underway. These Phase Four specifications will support trusted digital identity relationships, mobility modules and provide a platform for facilitating client-based universal strong authentication.

The various phases of the client device functionality deliver different benefits to deployers and consumers. Overall, the capability at the device level represents a huge market opportunity for deployers, who can now more easily build identity-based functionality into all different kinds of devices in a standards-based format. From a consumer perspective, the client device functionality is equally as exciting given the personalization, privacy and security measures this functionality can allow them to employ--on any device, with all of the devices interoperable. The Advanced Client Technology, for example, makes clients ‘first class identity citizens’ with controls for privacy and connectivity challenges built into the specifications.

Additional Resources

Marco Casassa Mont’s “Research on Identity Management” Blog

General identity blog with many discussions of client device functionality.

General identity blog with many discussions of client device functionality.

George Fletcher: Provisioning Mobile Apps Identity in Practice Blog

RSA Conference Workshop: Remote Provisioning of Soft Credentials

•  BT RSA 10.62 MB

RSA Conference Workshop: Liberty Alliance Identity Standards: Intel Identity Capability

RSA Conference Workshop: Liberty Alliance Identity Standards: Intel

RSA Conference Workshop: Liberty Alliance Identity Standards: HP

Liberty 2.0 New Advanced Client Solutions and Roadmap - Conor Cahill, Intel

This "Specifications" directory houses all the specifications called by the pages in the "Resource Center | Specifications" tree and are not available for browsing here.


The latest draft of the Advanced Client 1.0 Specs, schema, WSDL, and supporting docs. These are draft specifications, subject to final approval and vote by membership, and public comment is welcome and encouraged.

Liberty Alliance ID-WSF Advanced Client 1.0 Specifications - Draft Release 2

Specifications for Linking Digital Identity Management to Consumer Devices: Archie Reed's Blog

The Liberty Alliance released a new set of specifications aimed at protecting identity information transmitted by mobile devices during Web-based transactions.

Mar 21
Liberty Alliance Publishes New Specs for Securing E-Commerce

The Liberty Alliance has unveiled its Advanced Client specifications designed to allow enterprises and consumers to manage identity information on devices such as cameras, handhelds, laptops, printers and televisions.

Mar 21
Liberty Alliance lifts lid off Advanced Client

A new batch of identity management specifications for consumer devices has been released by global identity management consortium the Liberty Alliance. The Advanced Client specifications are designed to allow enterprise users and consumers to manage identity information on devices such as cameras, handhelds, laptops, printers and televisions.

Mar 21
Identity management specs released for consumer devices
Computer Weekly >

The evolution of Liberty-related clients is reviewed in this presentation, with use cases discussed for each. Particular focus is spent on the Advanced Client, its capabilities and functions, use cases it addresses, and how to technically implement it.

As part of the workshop, eGovt attendees gathered to review use cases and commonalities across their deployments. This presentation reviews some of these discussions and presents use case models for reviewing application of Liberty's specifications to meet a variety of eGovt use cases.

This presentation by the NTT Information Sharing Platform Laboratories focuses on Identity and Client Security for Remote Access, focusing on NTT's Virtual Credential Container. Several use cases are explored, with future ones focused on SaaS(Software as a Service) and full convergence with Next Generation Networks