Skip the navigation

Microsoft opens up its identity management e-wallet

Says open-source developers shouldn't worry that technology offer is a patent trap

By Eric Lai
May 23, 2007 12:00 PM ET

Computerworld - Microsoft Corp. today announced plans to release a free identity management specification that it says can help software developers make Web surfing more secure.

Microsoft is making the Identity Selector Interoperability Profile technology freely available under its Open Specification Promise (OSP) to any developers -- individuals as well as programmers at open-source projects or commercial ventures -- who want to build identity management software. The OSP is a mechanism through which Microsoft offers some of its technology specifications for open use while making "a personal promise" not to assert any patent claims against people who utilize them.

Identity Selector is a sort of electronic wallet that securely stores an end user's personal information, according to Thom Robbins, director of Microsoft's .Net product management group. Used with the company's Windows CardSpace technology, Identity Selector can make it easier for users to log into Web sites and for sites to harvest as little or as much personal information from a user as needed to authenticate his identity, Robbins said.

Formerly known as InfoCard, CardSpace is a component of Microsoft's .Net Framework 3.0 that is built into Windows Vista and available for Windows XP. Nevertheless, it is meant to be a cross-industry technology that can be adopted by all users -- unlike Passport, an earlier Microsoft technology that enabled people to use the same username and password when logging into HotMail, MSN and other Microsoft Web sites or services.

Other technology that Microsoft has released under the OSP include its Office Open XML file format.

Microsoft also said that is creating four open-source projects to help Web developers accept the authentication data created by CardSpace and Identity Selector. These projects are meant to enable interoperability with Java on systems running Sun Microsystems Inc.'s Sun Java System Web Server, IBM's WebSphere Application Server or the open-source Apache Tomcat software, and with Ruby on Rails and PHP on the Apache Web Server.

Two of the open-source projects will be hosted on the SourceForge and RubyForge Web sites, while the other two will be hosted on separate pages on Microsoft's own CodePlex site -- one for Java, and the other for Ruby.

In addition, Microsoft said it will cooperate with two small vendors on an open-source project to build an OpenLDAP adapter for its Identity Lifecycle Manager 2007 software. That will enable users to synchronize identity information between Microsoft's Active Directory and the OpenLDAP directory and add to ILM 2007's out-of-the-box connectivity to 30 other directories, databases and identity systems, Microsoft said.

Despite recent statements by Microsoft reiterating its claims that Linux and other open-source technologies violate its intellectual property, Jean Paoli, the software vendor's general manager for interoperability and XML architecture, said that open-source developers shouldn't look skeptically at today's announcements.

In identity management, Paoli said, "I can tell you that we do a lot of open-source projects, and it's all about collaboration."

Read more about Security in Computerworld's Security Topic Center.

Our Commenting Policies
Internet of Things: Get the latest!
Internet of Things

Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!