The platform follows two standards: WS-Federation, an identity management standard supported by IBM, BMC, Verisign, CA, and the former BEA Systems (now part of Oracle), and the Security Assertion Markup Language (SAML). While other firms support the federated identity approach, Microsoft's implementation of a claims-based architecture remains its own variation on the specifications.
Both Salesforce.com and Google Apps employ federated identity management based on the WS-Federation standard, said Gerry Gebel, analyst with the Burton Group.
"It’s not a new concept to have the identity management externalized from the application. It's been a goal of enterprise architects for many years," he said. But not all cloud vendors are going to extend federated identity management services or products in quite the way Microsoft has with its implementation of Microsoft Identity Platform. Amazon.com leaves identity management to the customer beyond a bare-bones, application activation requirement.
"Many software-as-a-service vendors still do identity management in a proprietary manner," where the user identification and authentication is good for only that vendor's online application services.
The supporters of WS-Federation, SAML and other standards are moving toward an online world in which one sign-on will carry the user into the realm of cross-vendor applications, with his identity moving with him.