Microsoft further opens up identity platform

Move seen as Redmond's latest to foster integration

Microsoft on Wednesday unveiled royalty-free access to another of its identity specifications and introduced four open-source projects designed to improve interoperability among its identity management platform and those from other vendors and developers.

Microsoft on Wednesday unveiled royalty-free access to another of its identity specifications and introduced four open source projects designed to improve interoperability among its identity management platform and those from other vendors and developers.

The company also announced a partnership to create a connector for Microsoft’s Identity Lifecycle Manager 2007 that allows integration with directories based on the open source OpenLDAP specification.

Microsoft has been working on fostering integration among identity providers, especially in terms of Microsoft’s Information Card technology and the CardSpace implementation of that technology in Vista.

CardSpace is an identity selector, or digital wallet, that lets users control the dissemination of their identity information.

Novell in March announced its own open source implementation of CardSpace based on its Bandit Project called InfoCard Selector.

IBM, Novell and a group of academics are working on the Higgins open source project designed to tie together applications and identity systems. Developer Chuck Mortimer has created a Java-based identity card selector that runs in a browser, and developer Kevin Miller has created an extension for Firefox to support CardSpace.

“[Microsoft’s announcement] is a great development,” said Pamela Dingle, a consultant with Nulli Secundus, which provides services around identity management. “We have been waiting for the last little holes to be filled so people can push this technology forward without becoming a legal target. For Microsoft, they are not trying to earn kudos, they are just wrapping up what they have already promised. It is obvious Microsoft’s group working on the information card system is dedicated to creating a framework that is open.”

Last week, Microsoft along with Novell, the Liberty Alliance and others participated in an identity card interoperability test that included five different card selector interfaces. The test was run at the Internet Identity Workshop conference sponsored by the Open Source Identity System. Microsoft’s latest step to open up its identity platform involves its Identity Selector Interoperability Profile (ISIP), which is being made available to developers looking to create their own digital wallets.

Microsoft is offering access to the specification under its Open Specification Promise (OSP), which it introduced in late 2006.OSP, which also covers 38 Web services protocols developed by Microsoft and partners, allows developers to use ISIP to build their identity selectors without having to pay licensing fees to Microsoft or worry about the threat of future patent claims.

ISIP 1.0 includes mechanisms contained within WS-Trust, WS-SecurityPolicy and WS-MetadataExchange, which are protocols covered under OSP and used by Microsoft within its own Identity MetaSystem platform.

In addition, Microsoft said it is launching four open source projects to help Web developers support information cards.

The projects will implement software for specifying a Web site’s security policy and for accepting identity cards using Java for Sun Java System Web Server, Apache Tomcat or IBM’s WebSphere Application Server running on Linux, for implementing on the Ruby on Rails Web application framework, and using PHP for the Apache Web server. A fourth project will concentrate on implementing a C Library that may be used generically for any Web site or service.

These projects mimic the support for information cards Microsoft has already added within its Visual Studio development environment.

Microsoft also will team with Kernel Works and the Oxford Computer Group to provide an OpenLDAP adapter for Microsoft’s Identity Lifecycle Manager (ILM) 2007, which was formerly called Microsoft Identity Integration Server. The adapter will allow for bidirectional synchronization between ILM and OpenLDAP repositories.

Learn more about this topic

Microsoft cuts intellectual-property chains from Web services protocols

Open source projects to showcase identity integration

Novell funds open source Bandit

Editors' Picks
Join the discussion
Be the first to comment on this article. Our Commenting Policies