From November Microsoft will share code to enable organisations and software makers to build support for Passport into their own single sign-on authentication systems. For example, a corporation could employ the technology so that its employees could sign on to a corporate portal and a Passport-protected Web site without having to type in a user name and password each time.
The code will be free to companies, academics, developers and governments under Microsoft's Shared Source Licence, which allows developers to view the code for purposes of developing, debugging and supporting both commercial and noncommercial products. Organisations using Passport will still have to sign a contract and pay a fee for access to the service, said Adam Sohn, product manager for Microsoft's .net platform group.
Passport works through Passport Manager technology, which resides on the authentication system of a Web site or an application and communicates with Passport servers hosted by Microsoft, where users are authorised and credentials are stored, Sohn said.
The technology was first alluded to in September 2001 when Microsoft disclosed plans to take a "federated" approach to network identity and to allow Passport users to traverse various password-protected Web sites and services that support a common technology. The company said at the time that it would add support for the industry standard authentication technology Kerberos, in order to create compatibility between various systems.
Microsoft has since pledged to also add support for a standard called SAML (Security Assertion Markup Language), which would make it easier to ensure compatibility, the company said in July.
Microsoft's chief technology officer Craig Mundie announced the addition of Passport Manager to the Shared Source program at the Digital Identity World 2002 Conference in Denver, USA. The announcement bolsters Microsoft's code sharing program, which already includes Windows CE and pieces of its .net Framework.
Mundie also offered details about a product Microsoft plans to launch that will allow Passport users to test the security of their passwords. The Passport Password Quality Meter is designed to measure the level of security that a password might offer. Availability of the tool was not disclosed.
The Liberty Alliance Project hopes to win over developers to its federated authentication technology instead of Passport. The specification, being developed by the 120-company member group, will enable corporate developers and Web site operators to use their choice of single sign-on authentication technology, but still interoperate with other systems that also support the Liberty specification.