"Information is the new currency of crime and there's a lot of information on the Internet," explains Jules Cohen, director of Trustworthy Computing at Microsoft.
By advancing its vision of End-to-End Trust, Microsoft aims to "build a model that allows for authentication in the right places but not a model that requires it everywhere or destroys anonymity," explains Cohen.
To make that happen, the password has to die and a form of authentication that's more secure must rise to take its place. That's where U-Prove comes in.
Microsoft is releasing its U-Prove Cryptography specification and its Metasystem Integration specification under the Open Specification Promise, licensed under BSD. It is also releasing code under the BSD license on its Code Gallery, in the form of a C# and Java crypto SDK.
Through Microsoft Connect, it is releasing its U-Prove Community Technology Preview, which includes Active Directory Federation Services v2, Windows CardSpace v2, and Windows Identity Foundation.
Microsoft's Open Specification Promise represents the company's commitment to not make patent claims against certain technology implementations involving its intellectual property.
"We want to engage in broad conversation about how this technology can be used," said Brendan Foley, director of Microsoft's Identity and Security Division.
Microsoft acquired U-Prove from Credentica in 2008. U-Prove provides the cryptographic functions necessary to implement cross-domain identity and access management in conjunction with privacy-enhancing features like selective information disclosure.
Microsoft also plans to release Forefront Identity Manager 2010, an identity and access management solution for enterprises.
The conversation that Microsoft wants to have about its identity technology has already led to a date of sorts in Germany.
Germany's Federal Ministry of the Interior is administering an e-government program to issue secure electronic identity cards (eID) starting in November 2010.
Microsoft has been working with Fraunhofer FOKUS in Berlin, Germany, to make this happen. The German eID project aims to allow students, for example, to register for courses, comment on courses, and buy books through Web sites affiliated with universities while providing the minimum required information in a way that can't be correlated or tracked across different Web sites. The goal is to simplify online identification and authentication while protecting user privacy.
Cohen says that we've pretty much figured out how to do identification and authentication in the real world. "We need the same kind of trust to be creatable online as it is offline," he said.