Microsoft Azure Supports Federated ID - InformationWeek
Cloud // Software as a Service
12:29 PM
Connect Directly

Microsoft Azure Supports Federated ID

A federated identity can be used to provide a single sign on to multiple applications, both in the enterprise and in the cloud.

"In this model, developers don't have to program identity management into the application. It comes to them," said Cameron. He is the former VP of Technology at Zoomit, a Toronto firm acquired by Microsoft in 1999. Zoomit invented meta directories to coordinate identity based on multiple directories and other heterogeneous sources. A security certificate is an identifier, provided an automated check on it shows that the certificate is still active and not expired.

The platform follows WS-Federation, an identity management standard supported by IBM, BMC, Verisign, CA, and the former BEA Systems, now part of Oracle, and the Security Assertion Markup Language standard. While other firms support the federated identity approach, Microsoft's implementation of a claims-based architecture remains its own variation on the specifications.

Both and GoogleApps employ federated identity management based on the WS-Federation standard, said Gerry Gebel, analyst with the Burton Group.

"It’s not a new concept to have the identity management externalized from the application. It's been a goal of enterprise architects for many years," he said. But not all cloud vendors are going to extend federated identity management services or products in quite the way Microsoft has with its implementation of Microsoft Identity Platform. leaves identity management to the customer beyond a bare-bones, application activation requirement.

"Many software-as-a-service vendors still do identity management in a proprietary manner," where the user identification and authentication is good for only that vendor's online application services.

The supporters of WS-Federation, SAML and other standards are moving toward an online world in which one sign-on will carry the user into the realm of cross-vendor applications, with his identity moving with him.

2 of 2
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of the Cloud Report
As the use of public cloud becomes a given, IT leaders must navigate the transition and advocate for management tools or architectures that allow them to realize the benefits they seek. Download this report to explore the issues and how to best leverage the cloud moving forward.
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on for the week of November 6, 2016. We'll be talking with the editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll