RealTime IT News

Microsoft Examines InfoCard Framework

Microsoft is working on new software to wrap up all existing and upcoming identity management systems under one framework, code-named InfoCard. Redmond expects to give developers a sneak preview of the technology later this month.

The framework will create a level of abstraction to individual identity management systems and allow them to "plug" in new identity technologies as they go. The goal is to let end users manage a variety of authentication mechanisms from one place.

Ideally, end users will be able to buy merchandise at e-commerce sites like Amazon.com, or sign onto their online banking account using one piece of software, rather than relying on technology from several identity management providers.

"It just makes it super-easy for the end user to pick among their different kinds of credentials," said John Shewchuk, an architect in Microsoft's distributed systems group, during a Web cast Tuesday.

InfoCard is an identity meta-system that will initially incorporate everything from user names and passwords to smart cards to X.509 certificates, as well as new technologies created through the Liberty Alliance and other technology groups.

The goal, Shewchuk said, is to avoid having non-interoperable silos of identity management systems floating around the Internet that can't talk to each other. It's a move in another direction for Microsoft, which is finding it must mesh its systems with non-Windows platforms in order to remain successful in the business world.

"One of the things that has characterized a lot of Microsoft's previous efforts, we had kind of viewed the world as a collection of relatively homogeneous Windows systems," Shewchuk said in the Web cast. "But increasingly, as we move our server strategy forward, we think Microsoft technologies have to participate very well in this interoperable world."

The InfoCard technology will be based on Microsoft's work within on WS-* Web services architecture.

Microsoft has already made a start on its interoperability pledge with its recent announcement that it jointly developed two identity management specifications with Sun Microsystems . The specs allow a browser-based single sign-on between security domains using the Liberty Alliance's Identity Federation Framework (ID-FF) and WS-Federation.

The Web Single Sign-On Metadata Exchange (Web SSO MEX) protocol and Web Single Sign-On Interoperability Profile (Web SSO Interop) specification will either be submitted to OASIS or the World Wide Web Consortium (W3C) for standardization.

Microsoft officials said it's too early to say how InfoCard will be delivered to end users. A spokesperson would not comment on whether the technology would be incorporated into the upcoming Windows operating system, code-named Longhorn.

The spokesperson said a technical preview of the technology will be released in late May to garner feedback from the developer community.