Microsoft Enters Identity Management Fray

Microsoft rivals have been staking out a claim to the
identity management space — a critical component of Web services — for
about a year, but the Redmond, Wash. software titan won’t concede the space
without a fight and stepped up to the plate Wednesday with a new platform
for identity and access management.


The firm Wednesday released to manufacturing Microsoft Identity Integration
Server (MIIS) 2003, built on the foundation of its Metadirectory Services
3.0 offering, saying that it will allow customers to integrate information
from multiple repositories for a single, complete view of user information.

“Customers have told us they need an end-to-end solution for managing
identity information and access rights,” said Bill Veghte, corporate vice
president for the Windows Server Group at Microsoft. “With today’s delivery
of MIIS, we bring provisioning and metadirectory capabilities together in a
single solution that enables customers to create and manage user identities
with a single consistent view across the enterprise and throughout the
complete life cycle of identity management.”

Because Web services essentially expose APIs that
allow users to drill into back-end databases, identity and authentification
controls are essential to keeping critical data secure and only allowing
access to authorized users.

“Identity management has become a core business issue for most
enterprises,” said Jamie Lewis, CEO and research chair of Burton Group.
“Regulatory compliance, secure business-to-business (B2B) application
integration and secure Web services simply aren’t possible without solid
identity management infrastructure.”

This led Microsoft rival Sun Microsystems to form
the Liberty Alliance Project in 2001. Created by Sun and 32 other
companies, the Liberty Alliance has created specifications for the
interoperability of open authentication systems. Sun rallied the Liberty
Alliance as a response to a move by Microsoft to turn its Passport system
into a “federated authentication system,” potentially capturing the center
of the nascent Web services market.

Since that time, Microsoft rivals Sun, and Novell have
all come forward with solutions of their own: Sun ONE Identity Server and
Novell eDirectory.


MIIS allows users to synchronize identity information across a variety of
heterogeneous directory and non-directory identity stores, allowing
customers to automate the process of updating identity information across
platforms, reducing administrative costs by keeping data up-to-date across
the enterprise without the need for manual updates. The server also enables
users to
provision and de-provision accounts and identity information like
distribution, e-mail and security groups across systems and platforms.
Finally, it also enables self-service and helpdesk initiated password
management and reset through a Web interface.

The server also features SQL Server 2000 and Visual Studio .NET
integration. The server uses SQL Server 2000 as the data repository, while
Visual Studio allows customers to extend or customize their MIIS
implementations.

As part of its identity management strategy, Microsoft is also adding
features for Windows Server 2003, including:

  • Active Directory Application Mode (ADAM), which allows customers to
    deploy Active Directory as a Lightweight Directory Access Protocol (LDAP)
    for application-specific data while using their distributed Active
    Directory infrastructure sign-on

  • Identity Integration Feature Pack for Windows Server Active Directory,
    which integrates identity between multiple Active Directory forests or
    between implementations of ADAM; this is intended to ease management of
    digital identities across the Windows Server Active Directory
    infrastructure

  • Directory Services Markup Language (DSML) 2.0, giving developers the
    ability to represent directory structural information and directory
    operations as XML-based documents; providing interoperability between
    Active Directory and LDAP-enabled directories from other vendors

  • Microsoft Identity Management Solution Acclerator, which was built with
    the help of PricewaterhouseCoopers and provides planning and implementation
    guidance for customers building an identity management infrastructure.

News Around the Web