RSA 2009: Microsoft looks to tailor access management for the cloud computing age

Scheme aims to lighten the burden on administrators

Microsoft on Tuesday revealed a planned expansion to its future security approach.

Corporate vice president of Trustworthy Computing Scott Charney told a crowd at the RSA conference in San Francisco that the company was planning new security offerings designed to ease the management of identity and authentication information.

Charney said that the company was working on a new server initiative as part of its 'Geneva' project. The service allows administrators to use small pieces of authentication data to authorise access to web services and materials.

Microsoft hopes the new system will allow for safe and controlled access without putting the burden on administrators to handle large lists of user privileges and access rights. At the same time, Charney sees the new system leading to better security and more accurate authentication.

"We have an identity meta-system that allows us to achieve the right objectives," said Charney.

"Essentially what [Geneva] does is allow you to pass claims about a person instead of the full identity."

For Charney, Geneva is part of a larger plan for extending security protections into the era of web-based services and cloud computing. He argued that the current approach of combining secure coding practices with multi-level security protections and so-called mitigation tools such as filters was simply not enough.

"While it's important work that has to continue, it is wrong to say that will ever be enough," he said.

"We need a different model for thinking about identity, one that allows authentication in the right places."