Infrastructure // PC & Servers
News
2/26/2010
05:14 PM
Connect Directly
LinkedIn
Twitter
Google+
RSS
E-Mail
50%
50%

RSA: Microsoft Tries To Turn Shady Internet Trustworthy

The company is releasing software to improve the process of online identification and authentication.

Microsoft at the RSA Conference 2010 in San Francisco on Tuesday plans to introduce two new software products designed to enhance online identity management.

"Information is the new currency of crime and there's a lot of information on the Internet," explains Jules Cohen, director of Trustworthy Computing at Microsoft.

By advancing its vision of End-to-End Trust, Microsoft aims to "build a model that allows for authentication in the right places but not a model that requires it everywhere or destroys anonymity," explains Cohen.

To make that happen, the password has to die and a form of authentication that's more secure must rise to take its place. That's where U-Prove comes in.

Microsoft is releasing its U-Prove Cryptography specification and its Metasystem Integration specification under the Open Specification Promise, licensed under BSD. It is also releasing code, under BSD on its CodeGallery, in the form of a C# and Java crypto SDK.

Through Microsoft Connect, it is releasing its U-Prove Community Technology Preview, which includes ActiveDirectory Federation Services v2, Windows CardSpace v2, and Windows Identity Foundation.

Microsoft's Open Specification Promise represents the company's commitment to not make patent claims against certain technology implementations involving its intellectual property.

"We want to engage in broad conversation about how this technology can be used," said Brendan Foley, director of Microsoft's Identity and Security Division.

Microsoft acquired U-Prove from Credentica in 2008. U-Prove provides the cryptographic functions necessary to implement cross-domain identity and access management in conjunction with privacy enhancing features like selective information disclosure.

Microsoft also plans to release Forefront Identity Manager 2010, an identity and access management solution for enterprises.

The conversation that Microsoft wants to have about its identity technology has already led to a date of sorts in Germany.

Germany's Federal Ministry of the Interior is administering an e-government program to issue secure electronic identity cards (eID) starting in November 2010.

Microsoft has been working with Fraunhofer FOKUS in Berlin, Germany, to make this happen. The German eID project aims to allow students, for example, to register for courses, comment on courses, and buy books through Web sites affiliated with universities while providing the minimum required information in a way that can't be correlated or tracked across different Web sites. The goal is to simplify online identification and authentication while protecting user privacy.

Cohen says that we've pretty much figured out how to do identification and authentication in the real world. "We need the same kind of trust to be creatable online as it is offline," he said.

Comment  | 
Print  | 
More Insights
Server Market Splitsville
Server Market Splitsville
Just because the server market's in the doldrums doesn't mean innovation has ceased. Far from it -- server technology is enjoying the biggest renaissance since the dawn of x86 systems. But the primary driver is now service providers, not enterprises.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - July 22, 2014
Sophisticated attacks demand real-time risk management and continuous monitoring. Here's how federal agencies are meeting that challenge.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.