Microsoft tools to push identity platform to the cloud

Company to add SAML 2.0 protocol support

The STS (security token service) handles the exchange of claims and is part of Microsoft's MetaSystem model for a distributed identity architecture.

Beta 1 of the Geneva Server is available now. A second beta will be released in the first half of next year and the product will ship in the second half of 2009.

The Geneva CardSpace Client, which has been upgraded to be more efficient, and the Geneva Framework will follow the same roadmap.

The Geneva Framework is an extension to the .Net Framework 3.5 that helps developers more easily build applications that incorporate a claims-based identity model for authentication/authorization. The framework and the STS technology are building toward Microsoft's ultimate goal of an "identity bus."

The nirvana of the concept is that off-the-shelf applications could plug into the bus in order to authenticate users and provide access control.

Microsoft also plans to create an identity backbone using the Microsoft Federation Gateway (MFG), which would run as part of Azure, the cloud-services platform it announced Monday.

Geneva Server or third-party STS gateways could connect to MFG, which would provide identity services to cloud applications such as Exchange, SharePoint and SQL Server. Developer services also would be securely accessed via MFG.

Cameron pointed out that MFG is not LiveID, which has some four million users, but will support it. He said MFG is in production, but a release date has not been set.

Also part of the identity platform is the Microsoft Service Connector (MSC), a fixed-function gateway that lets users connect Active Directory with the Microsoft Federation Gateway. MSC, which will be a free download, is a lightweight version of the Geneva Server. MSC is in a community technology preview (CTP) now, with a beta and final release slated for the first half of next year.

Also on the docket is .Net Access Control (NAC), which will become a service on the Azure cloud platform. NAC is an STS that takes in authentication claims and outputs authorization claims based on a set of rules that can be defined via a management portal. The service lets users create and maintain rules and integrates with the Federation Gateway. Microsoft also plans a version of NAC that users can run internally.
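To make the claims-transformation idea concrete, here is an added illustration (not Microsoft's code, and not NAC's actual rule syntax) of what an STS of this kind does: it accepts authentication claims only from issuers it trusts, applies a rule set, and emits authorization claims under its own issuer name. The issuer URLs, claim types and rules are constructed sample values.

```python
from dataclasses import dataclass
from typing import Iterable, List, Optional

@dataclass(frozen=True)
class Claim:
    type: str      # e.g. "group" on input, "action" on output
    value: str
    issuer: str    # who asserted this claim

@dataclass(frozen=True)
class Rule:
    # If an accepted input claim has match_type (and match_value, when given),
    # issue an authorization claim of issue_type / issue_value.
    match_type: str
    match_value: Optional[str]
    issue_type: str
    issue_value: str

# Constructed sample values: the on-premises STS this gateway federates with,
# and the name this STS signs its own output claims with.
TRUSTED_ISSUERS = {"https://sts.contoso.example"}
STS_NAME = "https://accesscontrol.example"

def transform(input_claims: Iterable[Claim], rules: Iterable[Rule],
              trusted=frozenset(TRUSTED_ISSUERS)) -> List[Claim]:
    """Map authentication claims to authorization claims via the rule set."""
    # Claims from issuers outside the trust list never reach a rule: a rule that
    # grants rights based on an attacker-asserted "group" claim would otherwise
    # turn the transformer into an authorization bypass.
    accepted = [c for c in input_claims if c.issuer in trusted]
    output: List[Claim] = []
    for rule in rules:
        for claim in accepted:
            if claim.type != rule.match_type:
                continue
            if rule.match_value is not None and claim.value != rule.match_value:
                continue
            issued = Claim(rule.issue_type, rule.issue_value, STS_NAME)
            if issued not in output:        # de-duplicate repeated grants
                output.append(issued)
    return output

# Constructed rule set: finance staff may approve invoices; anyone
# authenticated by a trusted issuer may read reports.
SAMPLE_RULES = [
    Rule("group", "Finance", "action", "ApproveInvoice"),
    Rule("name", None, "action", "ReadReports"),
]
```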
