Microsoft to discuss ID management plans

Microsoft will make announcements this week about its strategy for managing user identities which could well end speculation...

Microsoft will make announcements this week about its strategy for managing user identities which could well end speculation about its plans for implementing federated identity technology into its products.

While Microsoft is not providing details about the announcement, the news will, reportedly, involve initiatives involving Microsoft and identity management company Oblix.

Microsoft has long-standing relationships with independent software vendors (ISVs) like Oblix and OpenNetworks Technologies.

The company calls on Oblix's NetPoint and OpenNetworks DirectorySmart to tie Windows networks using Microsoft's Active Directory service to other non-Windows directory systems relying on user authentication technology such as Kerberos, according to Gartner analyst John Pescatore.

The future of Microsoft's "TrustBridge" federated identity technology might be at stake.

Microsoft announced TrustBridge just over a year ago, saying that the new technology would enable businesses using Windows to share user identity information and interoperate across heterogenous environments using web services protocols such as Kerberos and Soap.

The technology was supposed to be released this year, but was left out of Windows Server 2003. Microsoft has had little to say about its status.

Speculation has arisen that Microsoft may moving away from plans to develop its own cross-platform identity management technology, Pescatore said.

"Maybe they're going to focus on making Windows work the best it can and rely on ISVs to integrate [Windows] into the tiny world of pure Unix using Kerberos," he added.

Among other things, Microsoft needed to clarify its intentions regarding the adoption of SAML (Security Assertion Markup Language), the XML-based authentication framework.

The company backed XRML (Extensible Rights Markup Language) for access control, but will need to support SAML as well to be fully interoperable with non-Windows environments, Pescatore said.

Pescatore anticipated that Microsoft will probably offer new guidance on the TrustBridge initiative, perhaps fleshing out the technology or providing clearer benchmarks for its identity management strategy.

Few companies are clamouring for the cross-enterprise, federated identity systems that TrustBridge, .net Passport or the Liberty Alliance are promising, according to Pescatore.

Despite the lack of demand, however, Microsoft and its adversaries in the Liberty Alliance are still jockeying for control of the identity management space.

"I think it's a question of who owns the hilltop when the troops come in," Pescatore said.

"What will give us an indication that something is happening on either side of the Liberty Alliance-Passport debate is a major player saying 'I am issuing Liberty Alliance or Passport based identities to my five million customers or users'."

Paul Roberts writes for IDG News Service

Read more on Business applications