Microsoft opens up its identity management e-wallet
Says open-source developers shouldn't worry that technology offer is a patent trap
Microsoft is making the Identity Selector Interoperability Profile technology freely available under its Open Specification Promise (OSP) to any developers -- individuals as well as programmers at open-source projects or commercial ventures -- who want to build identity management software. The OSP is a mechanism through which Microsoft offers some of its technology specifications for open use while making "a personal promise" not to assert any patent claims against people who utilize them.
Identity Selector is a sort of electronic wallet that securely stores an end user's personal information, according to Thom Robbins, director of Microsoft's .Net product management group. Used with the company's Windows CardSpace technology, Identity Selector can make it easier for users to log into Web sites and for sites to harvest as little or as much personal information from a user as needed to authenticate his identity, Robbins said.
Formerly known as InfoCard, CardSpace is a component of Microsoft's .Net Framework 3.0 that is built into Windows Vista and available for Windows XP. Nevertheless, it is meant to be a cross-industry technology that can be adopted by all users -- unlike Passport, an earlier Microsoft technology that enabled people to use the same username and password when logging into HotMail, MSN and other Microsoft Web sites or services.
Other technology that Microsoft has released under the OSP include its Office Open XML file format.
Microsoft also said that is creating four open-source projects to help Web developers accept the authentication data created by CardSpace and Identity Selector. These projects are meant to enable interoperability with Java on systems running Sun Microsystems Inc.'s Sun Java System Web Server, IBM's WebSphere Application Server or the open-source Apache Tomcat software, and with Ruby on Rails and PHP on the Apache Web Server.
Two of the open-source projects will be hosted on the SourceForge and RubyForge Web sites, while the other two will be hosted on separate pages on Microsoft's own CodePlex site -- one for Java, and the other for Ruby.
In addition, Microsoft said it will cooperate with two small vendors on an open-source project to build an OpenLDAP adapter for its Identity Lifecycle Manager 2007 software. That will enable users to synchronize identity information between Microsoft's Active Directory and the OpenLDAP directory and add to ILM 2007's out-of-the-box connectivity to 30 other directories, databases and identity systems, Microsoft said.
Despite recent statements by Microsoft reiterating its claims that Linux and other open-source technologies violate its intellectual property, Jean Paoli, the software vendor's general manager for interoperability and XML architecture, said that open-source developers shouldn't look skeptically at today's announcements.
In identity management, Paoli said, "I can tell you that we do a lot of open-source projects, and it's all about collaboration."
Read more about Security in Computerworld's Security Topic Center.
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts