Start-up Symplified emerged from stealth mode Wednesday with an identity service designed to help corporations cut costs and complexity while securely attaching to Web-based resources.

The company introduced a hosted subscription service that lives on the Web, as well as a router-like appliance companies can install locally that is remotely managed by Symplified. The hosted service and the managed router provide the same service, and users choose one or the other as their deployment option. The company made the announcement at the annual Burton Group Catalyst Conference.

The Symplified service helps users ease the integration of their identity infrastructure, including access policies with online services and applications that run on an intranet or are hosted by such third parties as Salesforce.com. The start-up, based in Boulder, Colo., says its goal is to take the software out of the identity equation and give users a sort of middleware that provides Web single-sign-on, access control, auditing and identity virtualization.

"The way we solve the cost and complexity of the identity-software problem is get rid of the software," says Eric Olden, co-founder and CEO of Symplified. "We are the Postini of identity," he says.

Olden is a seasoned veteran in the identity game, having co-founded Securant, a Web access-management platform that he sold to EMC's RSA division in 2001.He and Symplified CTO Darren Platt authored protocols that eventually led to today's Security Assertion Markup Language (SAML) standard.

Symplified uses SAML along with such techniques as form stuffing, SSL and message-digest as the plumbing in its service "How we simplify is that we get the gory details away from people," Olden says. Those details include all the hooks needed to securely connect to services.

The Symplified service authenticates a user, creates a session, authorizes the user and audits activity. Symplified engineers create integrations with specific services on the Web, then provide a single activation button within the Symplified interface so users get single-click activations. Users get provisioning and deprovisioning capabilities that are synchronized with their existing user management. The company provides a drop-down menu of the available services it supports and can create additional integrations with available intranet applications or services.

Symplified's identity service is housed in a secure SAS 70 Type II data center, and uses a virtual, private Lightweight Directory Access Protocol directory to store a company's encrypted user-identity credentials. The company also offers Active Directory integration built on Web services. With the hosted service, users don't install anything on their Web or application servers; managing identity policies is done via Symplified's SinglePoint Studio interface.

The service scales to 100,000 identities per customer and is priced at US$2,500 per month.

The Symplified Identity Router is a self-contained router that runs on the network or in a company's DMZ; and features a hardened, Linux-based operating system. It has no external IP address to hide itself from attacks. Symplified uses the same router to run its hosted service. The company can push upgrades and updates to the router remotely and manage the box.

The router comes in three versions: the GTX model, which scales to 2 million identities; the GT, which scales to 200,000; and the GTV, which scales to 100,000.