We did some research about Microsoft and Digital Identities...
Microsoft Envisions a Grand Digital-ID Plan
By Mary Jo Foley
The Redmond software maker has gone public with its big-picture thinking around identity-management. Now it is starting to fill in the implementation pieces.
Microsoft has a grand plan for digital-identity management. And over the next few months, the company will begin to deliver Microsoft implementations of some of the piece parts of that plan.
At last week's Digital Identity World 2005 conference, Microsoft officials explained a concept called the "identity metasystem." In Microsoft's view, such a metasystem could go a long way to making existing digital-ID systems interoperable.
An identity metasystem is much like a metadirectory, according to industry watchers. A metadirectory, or uber-directory service, is designed to allow users to view data from different directory systems in a unified way.
In a white paper published this month to the Microsoft Web site, Microsoft describes the identity metasystem this way: "This metasystem, or system of systems, would leverage the strengths of its constituent identity systems, provide interoperability between them, and enable creation of a consistent and straightforward user interface to them all. The resulting improvements in cyberspace would benefit everyone, making the Internet a safer place with the potential to boost e-commerce, combat phishing, and solve other digital identity challenges."
"The ID metasystem is a new concept that we just started talking more formally about last week," said Michael Stephenson, director of product management with the Microsoft Windows Server team.
The identity metasystem is an outgrowth of the WS-* Web services architecture that Microsoft and its partners have been championing for the past couple of years.
"The WS-* architecture has a number of the characteristics required for this (digital ID meta) system," Stephenson said. "We believe WS-* is the right architecture for plugging into the metasystem."
Stephenson said that while the digital ID platform vision advances, Microsoft and its partners will continue to submit the various WS-* protocols to standards bodies in a royalty-free manner.
As outlined by Microsoft in its metasystem white paper, the digital ID metasystem will build on top of two of the WS-* protocols: the WS-Trust and WS-Metadata Exchange ones. Security token servers and WS-SecurityPolicy-based clients that require user-identification-verification will plug into this base.
According to Microsoft, "Examples of technologies that could be utilized via the metasystem include LDAP claims schemas, X.509, which is used in Smartcards; Kerberos, which is used in Active Directory and some UNIX environments; and SAML, a standard used in inter-corporate federation scenarios."
Microsoft envisions individual vendors building their own implementations of the digital ID metasystem. Microsoft is beginning to outline its own implementation, the elements of which will include:
- Active Directory
- Active Directory Federation Services (part of the Windows Server 2003 R2 release due to ship this year)
- The "Indigo," or Windows communications systems, run time
- Infocard
Infocard, which is similar to a virtual credit card or membership card, will be the common user interface for the Microsoft digital-ID metasystem, Stephenson said.
"Infocards will let users select an identity," Stephenson explained.
Microsoft has been talking about its plans for InfoCard technology for more than a year. Company officials have said that Microsoft will build into future versions of Windows, starting with Longhorn, an InfoCard client.
Microsoft plans to make available a private developer preview of the InfoCard bits before the end of this month, Stephenson confirmed.
The Digital Identities feature is located in the control panel...
The interface allows you to create a new Personal card. Personal cards allow you to register and sign on to websites without filling out forms or using passwords. The information you enter gets stored in an encrypted file on your computer.
It also allows you to install a provider card. This is a card that would be issued to you by a third party (like a bank). To use that option, you will need to already have downloaded the card to your system...
In addition, you can restore backed-up cards...

© 2008 Nnigma, Inc.



