Microsoft will be showing off their new federated identity software shortly – a service that will allow users to log in and then carry their identity from site to site, securely allowing businesses to extend applications and intranets to external clients. The technology won’t be available until Q3 2005 with the release of Windows Server 2003 R2.
Michael Stephenson, lead program manager for Windows Server 2003 said “Federated identity lets companies securely extend their applications to suppliers and external users… We are showing how a user at one site might log on to a portal and then they can enter a purchase order at another location without having to sign on again. Today it is very expensive to provide this type of functionality.”
MS’s previous attempt at federated identity, Passport, never quite realised its potential, and so it’s back to the drawing board.
There’s already a W3C standard for federated identity, but Microsoft, along with IBM, want to push the WS-Security specifications put forward by OASIS (Organisation for the Advancement of Structured Information Standards).
Microsoft’s system will also be up against the Liberty Alliance set of open standards, led by their best pals Sun.
Federated identity is of importance to everyone – not only do you need to know what information is being held about you in your “ID passport” and what site and application owners do with that information, but that your personal details are secure and cannot be compromised.