Microsoft to push ID authentication through Vista

Consumer identity to move away from single-identity authentication

Microsoft's chief identity and access architect, Kim Cameron, believes the inroads Microsoft is making into creating "trusted identities" through the online identity verification tool in Vista, CardSpace, will solve consumer-level security and identity authentication issues.

CardSpace, formerly known as InfoCard, is Microsoft's push to create a unified and interoperable online identity and is included as part of the .Net Framework 3.0.

Cameron said the company has spent more time helping enterprise companies with the "identity problem" than consumers, and said the future of consumer identity will not be a single identity used online across every context but multiple identities used "at the right point in the day." More importantly, Web sites will utilize the system because users will like it - big sites will be able to provision hundreds of millions of CardSpace-enabled accounts at the flick of a switch, Cameron said.

"Once you accept using multiple identities, the question becomes how can that be organized from a user's point of view. What CardSpace does is use the right one at the right point," he said. "CardSpace gives users a way to organize their relationships, so it is not like this is an alternative to two-factor ID but a way of making two-factor an experience consistent to the user."

Robert Goldberg, KPMG partner of risk advisory, said Microsoft's CardSpace is less about implementing technology than providing a tool that implements a process people can trust.

Goldberg said the goal is to have control over managing the risk of online transactions based on the level of credentials required.

"CardSpace is attempting to manage risk associated with a new direction of online trading and the newer generation of computer users is going to continue to drive innovation and adoption of processes perhaps our generation didn't even want to accept," Goldberg said.

"I think the difference between CardSpace and, say, Active Directory is user control," he added.

This story, "Microsoft to push ID authentication through Vista" was originally published by Computerworld Australia.

Copyright © 2006 IDG Communications, Inc.

Shop Tech Products at Amazon