Information Cards technology headed toward standardization
OASIS working on fostering interoperability, acceptance
By
John Fontana
,
Network World
, 09/24/2008
- Share/Email
- Tweet This
- Print
Information Cards, the identity specification developed by Microsoft, is headed to a standards body that will work to ensure interoperability among implementations and adoption as a standard
authentication method across the Internet.
The Organization for the Advancement of Structured Information Standards (OASIS), which is known for hammering out Web services
standards, has created the OASIS Identity Metasystem Interoperability (IMI) Technical Committee. The group plans to hold its
first meeting Sept. 29 in London.
This is the first effort to take the user-centric identity model championed by Microsoft and others such as Novell, Oracle and IBM and have it standardized for use across platforms and across the Internet.
Microsoft's InfoCard technology and its user interface implementation called CardSpace presents users with an identity selector interface, basically a palette of secure identity cards, that can be used to authenticate
to various Web sites or network resources such as applications or databases. It is all part of the company's Identity Metasystem
that also includes back-end servers and gateways for exchanging cards and the data they contain.
The OASIS group will focus on making sure implementations of the Information Cards technology, first introduced by Microsoft in 2005, are interoperable. It will not create an entirely new specification.
The foundation of the IMI's work will be built around the Identity Selector Interoperability Profile from Microsoft, the Web
Services Addressing Endpoint References and Identity specification from IBM and Microsoft, and the Open Source Identity Systems
(OSIS) Feature Tests from Identity Commons.
The IMI group said in a statement that it would "assure the portability of Information Card content by defining a standard
method of transferring collections of Information Cards between Identity Selectors." The group says Information Cards have
relevance to Web 2.0, consumer and corporate intranet applications.
"Having things be real standards created by internationally recognized standards bodies is important for adoption in certain
sectors such as government and telcos," says Mike Jones, director of identity partnerships for Microsoft and the author of
the Identity Selector Interoperability Profile. Jones says the expectation is that other organizations such as the ITU would
recommend the use of the IMI's eventual standard.
"This is not coming out as a surprise," Jones says. "This has been building on the fact that most of the major system vendors
have been working together to achieve interoperability among Information Cards software for about two years. This is coming
at a logical point."
The OSIS group has held six interoperability events since May 2007 that have included various vendors.
In June, Equifax, Google, Microsoft, Novell, Oracle and PayPal set up the Information Card Foundation to push Information
Cards as an open, interoperable user-centric identity system that could stretch across both intranets and the Internet. Deutsche
Telecom and Intel later joined as board members.
Comment