Microsoft vows plays nice with identity systems

By on
Microsoft vows plays nice with identity systems

Microsoft has unveiled a series of new projects that promote the interoperability between competing identity systems.

The software vendor has kicked off four open source projects that assist developments in accepting so-called information cards, verified credentials that are issued by identity meta systems. The developer tools instruct the system about the application's security policy and determine the credentials that require verification.

Microsoft's Visual Studio.Net developer tool already supports information cards. The new open source project will bring such capabilities to Java applications running on Apache Tomcat, IBM or Sun's application servers and to Ruby on Rails and PHP for the Apache web server. Another project implements a C Library for use on any website or service.

Information cards are a fundamental element in an identity meta system. Rather than requiring each application or website to verify the identity of a user, a meta system passes on such credentials between the end user, a service or application and identity providers.

It operates similar to a doorman outside a bar who places a stamp on the hand of patrons of legal drinking age, translating an identity card or driver's licence into a credential that the barman can easily understand and verify.

In computer terms, an identity meta systems adds an abstraction layer that translates between users, applications and identity providers. It bridges standards.

Microsoft came up with the idea for an identity meta system in 2004 in response to its failed Passport online identity system. Microsoft initially pitched the Passport service as a way to provide universal login for e-commerce sites and other online service. But the software provider quickly found out that potential partners and end users didn't trust its security and anti-trust record.

In addition to the open source development tools, Microsoft also has released the Identity Selector Interoperability Profile under its Open Specification Promise.

The standard lets developers build identity selectors. The OSP is a licence that allows for adoption in open source software and offers end users and developers a patents pledge.
Copyright ©v3.co.uk
Tags:

Most Read Articles

Log In

Username:
Password:
|  Forgot your password?