Clients can now present identity information, thanks to a set of specifications launched by the Liberty Alliance, a consortium of users and vendors developing identity standards.
With the new Advanced Client specification, clients can store identity credentials locally inside a trusted module and present them for authorisation to access services or a network. An outside identity service provider does not need to validate the credentials each time.
Identity systems such as OpenID and Microsoft's CardSpace technology, which shipped with Windows Vista, use a similar model.
The Application Client specification builds on the Liberty Alliance's current ID-Web Service Framework 2.0 specification and includes mechanisms that define the exchange of identity data.
Roger Sullivan, president of the Liberty Alliance management board and vice president of Oracle identity management, stated: "In a normal federated identity relationship the credential is presented by the identity provider, say a bank or financial institution. But in this instance the credentials can be provisioned to a trusted module in the device and the credential can be presented to the service provider in the same circle of trust as before without having the identity provider in the loop. It gives more functionality and flexibility to that device."
Cameras, handhelds, laptops, printers, smart cards and televisions can benefit from this specification, according to Sullivan. He gave the example of a projector in a cinema that could be authenticated to download a digital movie, show the film and then be blocked from showing it again.
Sullivan explained: "You could create a much more authenticated mechanism for controlling the distribution of digital film."
The set of Advanced Client specifications provides secure provisioning mechanisms, support for any device/network functionality and online/offline capabilities. The set is currently a technical draft. The Liberty Alliance plans interoperability testing over the next couple of months. Intel, HP and BT showed a proof-of-concept model at this year's RSA Conference.
According to Liberty officials, the Advanced Client is the second of three products intended to offer identity capabilities to client devices. The first was the Liberty Enabled Client/Proxy. The third phase, called the Robust Client, is still under development and not yet on the market. It will support trusted digital identity relationships and mobility modules, and will also provide a platform facilitating client-based universal strong authentication.
The Advanced Client specifications can be downloaded from the Liberty Alliance web site.