RealTime IT News

Microsoft Enters Identity Management Fray

Microsoft rivals have been staking out a claim to the identity management space -- a critical component of Web services -- for about a year, but the Redmond, Wash., software titan won't concede the space without a fight and stepped up to the plate Wednesday with a new platform for identity and access management.

The firm Wednesday released to manufacturing Microsoft Identity Integration Server (MIIS) 2003, built on the foundation of its Metadirectory Services 3.0 offering, saying that it will allow customers to integrate information from multiple repositories for a single, complete view of user information.

"Customers have told us they need an end-to-end solution for managing identity information and access rights," said Bill Veghte, corporate vice president for the Windows Server Group at Microsoft. "With today's delivery of MIIS, we bring provisioning and metadirectory capabilities together in a single solution that enables customers to create and manage user identities with a single consistent view across the enterprise and throughout the complete life cycle of identity management."

Because Web services essentially expose APIs that allow users to drill into back-end databases, identity and authentication controls are essential to keeping critical data secure and allowing access only to authorized users.

"Identity management has become a core business issue for most enterprises," said Jamie Lewis, CEO and research chair of Burton Group. "Regulatory compliance, secure business-to-business (B2B) application integration and secure Web services simply aren't possible without solid identity management infrastructure."

This led Microsoft rival Sun Microsystems to form the Liberty Alliance Project in 2001. Created by Sun and 32 other companies, the Liberty Alliance has created specifications for the interoperability of open authentication systems. Sun rallied the Liberty Alliance as a response to a move by Microsoft to turn its Passport system into a "federated authentication system," potentially capturing the center of the nascent Web services market.

Since that time, Microsoft rivals Sun and Novell have come forward with solutions of their own: Sun ONE Identity Server and Novell eDirectory.

MIIS allows users to synchronize identity information across a variety of heterogeneous directory and non-directory identity stores. This lets customers automate the process of updating identity information across platforms, reducing administrative costs by keeping data up-to-date across the enterprise without the need for manual updates. The server also enables users to provision and de-provision accounts and identity information, such as distribution, e-mail and security groups, across systems and platforms. Finally, it enables self-service and helpdesk-initiated password management and reset through a Web interface.

The server also features SQL Server 2000 and Visual Studio .NET integration. The server uses SQL Server 2000 as the data repository, while Visual Studio allows customers to extend or customize their MIIS implementations.

As part of its identity management strategy, Microsoft is also adding features for Windows Server 2003, including:

  • Active Directory Application Mode (ADAM), which allows customers to deploy Active Directory as a Lightweight Directory Access Protocol (LDAP) directory for application-specific data while using their distributed Active Directory infrastructure for sign-on
  • Identity Integration Feature Pack for Windows Server Active Directory, which integrates identity between multiple Active Directory forests or between implementations of ADAM; this is intended to ease management of digital identities across the Windows Server Active Directory infrastructure
  • Directory Services Markup Language (DSML) 2.0, giving developers the ability to represent directory structural information and directory operations as XML-based documents, providing interoperability between Active Directory and LDAP-enabled directories from other vendors
  • Microsoft Identity Management Solution Accelerator, which was built with the help of PricewaterhouseCoopers and provides planning and implementation guidance for customers building an identity management infrastructure.