All about Infocard

All about Infocard

Summary: By the end of this month Microsoft's will be releasing a "technical preview" of InfoCard, a new framework for managing identities based on WS-* protocols. Microsoft is also rolling out other related technologies for federation.

SHARE:
TOPICS: Microsoft
1

By the end of this month Microsoft's will be releasing a "technical preview" of InfoCard, a new framework for managing identities based on WS-* protocols. Microsoft is also rolling out other related technologies for federation. It's a big deal if the industry can come up with a generally agreed upon, open approach to dealing with the large scale identity management problem. There's a lot of worthwhile reading material to get up to speed on this topic, starting with with various posts and papers on Infocard.

Bonus material:::

Identity Metasystem Architectural Diagram [Microsoft]

idaarch.jpg


The Laws of Identity
The "Laws of Identity" are intended to codify a set of fundamental principles to which any universally adopted, sustainable identity architecture must conform. The Laws were proposed, debated, and refined through a long-running, open, and continuing dialogue on the Internet. Taken together, the Laws define the architecture of the identity metasystem.

They are:

  1. User Control and Consent: Identity systems must only reveal information identifying a user with the user's consent.
  2. Minimal Disclosure for a Constrained Use: The identity system must disclose the least identifying information possible, as this is the most stable, long-term solution.
  3. Justifiable Parties: Identity systems must be designed so the disclosure of identifying information is limited to parties having a necessary and justifiable place in a given identity relationship.
  4. Directed Identity: A universal identity system must support both "omni-directional" identifiers for use by public entities and "uni-directional" identifiers for use by private entities, thus facilitating discovery while preventing unnecessary release of correlation handles.
  5. Pluralism of Operators and Technologies: A universal identity solution must utilize and enable the interoperation of multiple identity technologies run by multiple identity providers.
  6. Human Integration: Identity systems must define the human user to be a component of the distributed system, integrated through unambiguous human-machine communication mechanisms offering protection against identity attacks.
  7. Consistent Experience Across Contexts: The unifying identity metasystem must guarantee its users a simple, consistent experience while enabling separation of contexts through multiple operators and technologies.

Topic: Microsoft

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

1 comment
Log in or register to join the discussion
  • I'll believe when I see it...

    Too many entrenched interests playing defense to make this happen in anybody's lifetime. It's the same problem of why *nothing* concerning digital security has come out of homeland security since 9/11: the whole process is compromised by big entrenched vendors playing defense.
    ordaj@...