RealTime IT News

Microsoft Brings Smart Cards In-House

Microsoft announced the acquisition of smart card technology provider Alacris.

Alacris makes software that provides an infrastructure to deploy and manage digital certificates, smart cards and USB authentication tokens. In July, Alacris released idNexus for Microsoft 3.0, the latest version of a two-year-old product designed for managing digital certificates and smart cards within the Windows environment.

The new version lets admins issue temporary cards and maintains a complete history of the cards, so that they can be re-used. Applet management supports the Global Platform 2.1 specification, so that customers can extend them with other compliant products.

Microsoft's Windows operating system already offers a platform for using smart cards and other strong authentication technologies on the desktop via Active Directory and Microsoft Certificate Services. But the ability to issue and manage smart cards and digital certificates came from third-party providers -- including Alacris.

"This acquisition is part of our ongoing investment in security and part of our overall security strategy," said Microsoft product manager Michael Atalla. "We're enhancing our story about identity and access management, and improving the experience for both users and administrators."

The idNexus product tied into Microsoft's Active Directory, the cornerstone of the Windows secure infrastructure, Atalla said. "Alacris as a Microsoft partner did all the right things to integrate with Active Directory all the advanced functionality, so users wouldn't have duplicate services."

Microsoft will continue to support existing idNexus customers as it incorporates the technology into Windows.

Atalla said this latest technology purchase is in line with Microsoft's goal of putting all the core services into the Windows platform to create a base for third-party applications. "In Windows Vista, Alacris' functionality will make the deployment of those technologies easier and lower-cost for IT shops."

Burton Group analyst Trent Henry said that his company advises clients that are rolling out large smart card projects to include lifecycle management applications. Such applications should handle getting the proper cards to users, store encryption and PKI keys in a secure way, and automate giving users access to their PINs if they're forgotten.

"Microsoft has a PKI platform and Windows Certificate Services," Henry said. "They didn't do much with smart cards. But, even with those features that Microsoft provided out of the box, many times it took more clicks for the administrator to execute those tasks than was ideal. Alacris provided much stronger automation [for those tasks]."

In addition to smart card and digital certificate management, Alacris also has Web-based policy-driven workflow management technology that could play into Microsoft's overall integration strategy.

At the Microsoft Professional Developers Conference last week, Microsoft introduced Windows Workflow Foundation, a set of tools and a programming model to let developers include workflow management controls in their applications. The workflow functionality will be part of WinFX, the new programming model for Windows Vista (formerly Longhorn), the next version of Windows, which was released in beta in July.

"Alacris brings a workflow engine to the table," Atalla said. "We will analyze it to see if they've achieved some things in their engine that we haven't done in Longhorn. There are workflow components in a lot of different Microsoft solutions today, including identity and access, and we want to create the core workflow experience in Windows so that the applications we and our partners build can access the same workflow engine."

Whether or not Alacris' workflow technology is incorporated into Vista, Atalla said the goal is to provide one workflow engine that can be used by all applications, including the next evolution of idNexus.

Most of Alacris' smaller competitors already have been snapped up. Last year, HP acquired TruLogica, a vendor of software to manage access to applications and IT resources. HP said it would integrate TruLogica technology into its HP OpenView Select Access software to amplify its federated identity management offering.

In March 2005, Oracle bought Oblix with the aim of enabling secure single sign-on access among its newly acquired applications from PeopleSoft and J.D. Edwards.

BMC purchased Web single sign-on specialist OpenNetwork and ID management vendor Calendra. Computer Associates bought Netegrity in order to pair its eTrust Identity and Access Management suite with Netegrity's Web access software.