Microsoft opens up its identity management e-wallet
Says open-source developers shouldn't worry that technology offer is a patent trap
Microsoft is making the Identity Selector Interoperability Profile technology freely available under its Open Specification Promise (OSP) to any developers -- individuals as well as programmers at open-source projects or commercial ventures -- who want to build identity management software. The OSP is a mechanism through which Microsoft offers some of its technology specifications for open use while making "a personal promise" not to assert any patent claims against people who utilize them.
Identity Selector is a sort of electronic wallet that securely stores an end user's personal information, according to Thom Robbins, director of Microsoft's .Net product management group. Used with the company's Windows CardSpace technology, Identity Selector can make it easier for users to log into Web sites and for sites to harvest as little or as much personal information from a user as needed to authenticate his identity, Robbins said.
Formerly known as InfoCard, CardSpace is a component of Microsoft's .Net Framework 3.0 that is built into Windows Vista and available for Windows XP. Nevertheless, it is meant to be a cross-industry technology that can be adopted by all users -- unlike Passport, an earlier Microsoft technology that enabled people to use the same username and password when logging into HotMail, MSN and other Microsoft Web sites or services.
Other technology that Microsoft has released under the OSP include its Office Open XML file format.
Microsoft also said that is creating four open-source projects to help Web developers accept the authentication data created by CardSpace and Identity Selector. These projects are meant to enable interoperability with Java on systems running Sun Microsystems Inc.'s Sun Java System Web Server, IBM's WebSphere Application Server or the open-source Apache Tomcat software, and with Ruby on Rails and PHP on the Apache Web Server.
Two of the open-source projects will be hosted on the SourceForge and RubyForge Web sites, while the other two will be hosted on separate pages on Microsoft's own CodePlex site -- one for Java, and the other for Ruby.
In addition, Microsoft said it will cooperate with two small vendors on an open-source project to build an OpenLDAP adapter for its Identity Lifecycle Manager 2007 software. That will enable users to synchronize identity information between Microsoft's Active Directory and the OpenLDAP directory and add to ILM 2007's out-of-the-box connectivity to 30 other directories, databases and identity systems, Microsoft said.
Despite recent statements by Microsoft reiterating its claims that Linux and other open-source technologies violate its intellectual property, Jean Paoli, the software vendor's general manager for interoperability and XML architecture, said that open-source developers shouldn't look skeptically at today's announcements.
In identity management, Paoli said, "I can tell you that we do a lot of open-source projects, and it's all about collaboration."
Read more about Security in Computerworld's Security Topic Center.
- Securing Mobility, From Device to Network At one time, the process of managing and securing mobile devices and applications was fairly straightforward. Most organizations worried about one application (email)...
- Data Protection eGuide In this eGuide, CSO and sister publications IDG News Service, Computerworld, and CIO pull together news, trend, and how-to articles about the increasingly...
- Warning: Cloud Data at Risk Experts agree that relying on SaaS vendors to backup and restore your data is dangerous. Yet that's exactly what huge portions of the...
- The Opportunities and Challenges of the Cloud In this report F5 poses questions to IDC analysts, Sally Hudson and Phil Hochmuth, on behalf of F5's customers to better understand the...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!