Microsoft plays nice with identity systems

Microsoft has unveiled open source projects that assist developers in accepting information cards

Microsoft has unveiled a series of projects that promote interoperability between competing identity systems. 

The software vendor has kicked off four open source projects that assist developers in accepting so-called information cards, verified credentials issued by identity meta systems.

The developer tools instruct the system about the application's security policy and determine the credentials that require verification. Microsoft's Visual Studio.Net developer tool already supports information cards.

The new open source project will bring such capabilities to Java applications running on Apache Tomcat, IBM or Sun Microsystems application servers and to Ruby on Rails and PHP for the Apache web server.

Another project implements a C Library for use on any website or service.

Information cards are a fundamental element in an identity meta system. Rather than requiring each application or website to verify the identity of a user, a meta system passes on such credentials between the end user, a service or application and identity providers.

It operates similarly to a doorman outside a bar who places a stamp on the hand of patrons of legal drinking age, translating an identity card or driving licence into a credential that the barman can easily understand and verify.

In computer terms, an identity meta systems adds an abstraction layer that translates between users, applications and identity providers. It bridges standards such as Microsoft's Infocard and the Liberty Alliance. 

Microsoft developed the idea for an identity meta system in 2004 in response to its failed Passport online identity system.  

The company initially pitched Passport as a way to provide a universal login for e-commerce sites and other online service. But potential partners and end users did not trust Microsoft's security and anti-trust record.

Microsoft also has released the Identity Selector Interoperability Profile under its Open Specification Promise (OSP) which lets developers build identity selectors.

The OSP is a licence that allows for adoption in open source software and offers end users and developers a patents pledge.