Microsoft tools to push identity platform to the cloud

Company to add SAML 2.0 protocol support

Microsoft Tuesday will unveil an open identity platform code-named Geneva that extends to the cloud and includes development tools, gateway technologies and provides long-awaited support for the SAML 2.0 protocol.

Microsoft also will announce support for the OpenID protocol, which means Microsoft's LiveIDs can be used to access Web sites that support OpenID.

The identity platform's foundation is the claims-based access model and Security Token Service (STS) technology that Microsoft has been developing over the past few years as part of its industry effort to create a single identity system based on standard protocols.

Geneva is made up of the Geneva Server, formerly called Active Directory Federation Services 2.0; Geneva CardSpace Client, a smaller and faster version of the identity client now available with Vista; and the Geneva Framework, which was formerly code-named Zermatt.

Also part of the platform are the Microsoft Service Connector, the Microsoft Federation Gateway and the .Net Access Control Service, which are designed to create a sort of identity backbone and connection to the cloud.

The company plans to have the whole of the Geneva family of identity software and services rolled out by the second half of 2009.

"There is no pressure to use Microsoft components," said Kim Cameron, identity architect for Microsoft. "All aspects of Geneva are standard across the industry. This helps you build an identity backbone and get into the identity era."

The goal is to create a standards-based way to share "claims" and to connect with cloud-based services from Microsoft or other providers. Claims are a set of statements that identify a user and provide specific information such as title or purchasing authority.

Geneva will let companies with Active Directory extend it to create single sign-on between local network resources and cloud services.

In addition, developers will have tools to easily incorporate standards-based identity into the applications they build and IT will have choice in the identity services they roll out.

Geneva Server is an STS that augments Active Directory and installs on a domain controller or a server on the network. It supports WS-Federation, WS-Trust and the SAML 2.0 protocol. Microsoft previously supported only the SAML 2.0 token format, not the SAML 2.0 protocol itself.
