Wednesday, April 2, 2008

Finding the Right ID

As Microsoft looks to advance its interoperability initiative, CardSpace
(the company's identity-management framework) promises to play a key
role in providing authentication between Windows and .NET-based
applications on the one end, and the Web, open source technology and
other key enterprise software platforms on the other. Microsoft lowered
a key barrier by adding support for the recently upgraded industry-standard
OpenID specification to its CardSpace client identity-management
framework. Still, it could be some time before developers are called on
to use OpenID and CardSpace for cross-platform enterprise applications.

CardSpace is a key component of Microsoft's .NET Framework 3.5 and is
supported in Internet Explorer 7 and Windows. It's built largely on
Microsoft Windows Communication Foundation (WCF), serving as the
identity provider. While OpenID provides single sign-on to social
networking sites and blogs -- letting users log in one time to employ
a public persona across multiple sites -- it's not robust enough to
support government applications, casual Web surfing, financial
transactions or private data access.

Microsoft's Chief Identity Architect
Kim Cameron has said in his Identity Weblog that the company is
interested in OpenID as part of a spectrum of solutions. But Cameron
has written that unlike redirection protocols such as SAML, WS-Federation
and OpenID, CardSpace limits the amount of personal information users
need to give out, making Web surfing more secure. Microsoft describes
CardSpace as an identity selector -- the user creates self-issued cards
and associates a limited set of identity data with each. The CardSpace
user interface is security-hardened, and the user decides what
information will be provided.
