As part of its plan to promote identity management across multiple platforms, Microsoft is funding several new projects to develop open-source versions of its digital-identity technology for information cards.
The company also released another specification for building a web-based architecture to support centralised digital identity, called the Identity Metasystem, under its Open Specification Promise (OSP) programme. OSP, launched last September, gives developers access to web services protocols Microsoft has developed over the years without the need for a licence or fear of legal action from the vendor.
Microsoft’s Identity Selector Interoperability Profile (ISIP), which helps identity providers share digital identity information, is now available under OSP, says Jean Paoli, general manager for interoperability and XML architecture at Microsoft.
Using digital-identity information across multiple networks will allow web users to sign on once across different websites, and also allow those providing identity verification and management to share information safely across systems and sites.
ISIP includes several of Microsoft’s XML-based web services specifications, such as Web Services Trust and Web Services Security Policy, which together offer a standard framework to protect user identities when they are being passed between different systems. This happens in online transactions or other scenarios where user information is shared over a network.
The new open-source projects will develop information card implementations for Java for Sun Java System Web Server, Apache Tomcat or IBM’s WebSphere Application Server; the Ruby on Rails rich-internet application framework ; and PHP for the Apache Web Server. SourceForge.net and RubyForge.org are hosting the projects, and they will also be available on Microsoft’s CodePlex site, which hosts open-source projects.
Microsoft is also funding another project to implement a library for the C programming languages which can be used by any website or service to leverage information cards on Windows using Microsoft’s Visual Studio developer toolkit.
Additionally, Microsoft is collaborating with KERNEL Networks and the Oxford Computer Group to provide an OpenLDAP adapter for Microsoft Identity Lifecycle Manager 2007, Microsoft’s software that allows the lifecycle of a user’s identity to be securely managed on a network, Paoli says.
“When you store this info it can be synchronised not only on [Microsoft] Active Directory but also on any open-source OpenLDAP directory,” he says.
All of the projects should have technology previews available by the end of June, Paoli adds.
Microsoft has been sending mixed messages to the open-source community lately.
On one hand, with projects like the ones unveiled Wednesday, it’s clear Microsoft sees the need to open up some of its technology and protocols so other systems can communicate easily with Windows-based systems.
On the other hand, company executives have said they are determined to collect royalties on technologies they have patented, 235 of which the company said Linux as well as other open-source software breaches.