Microsoft’s Identity Roadmap: On-Premise

In an earlier posting, I wrote about the Microsoft Identity Roadmap. I now want to look at Microsoft's on-premise identity offerings in greater detail. These include:

  • The "Geneva" Server (the project name "Geneva" will almost certainly change)
  • The "Geneva" Framework
  • The Microsoft Services Connector
  • Microsoft CardSpace "Geneva"

The "Geneva" Server is in beta now and is scheduled to ship in 2H 2009. It is an on-premise Security Token Server (STS) that runs on Windows Server/s. It has three major roles:

  • To provide authentication and authorization services to on-premise applications that employ the "Geneva" Framework.
  • To employ an organization's on-premise Active Directory (AD) as a repository of authentication and authorization data and policies.
  • To interface to other compliant STSs.
    • To provide access to on-premise Active Directory (AD) authentication and authorization data and policies.
    • To provide access to remote authentication and authorization data and policies.
  • Other compliant STSs identified in the roadmap include:
    • Other "Geneva" Servers
    • The Microsoft Federation Gateway
    • Third-party STSs

The "Geneva" Framework is in beta now and is scheduled to ship in 2H 2009. It is a Visual Studio (VS) Software Development Kit (SDK) that applications can employ to satisfy all of their identity (authentication, authorization, etc.) needs. This obviates the need for application-based identity establishing code.

The Microsoft Services Connector is in beta now and scheduled for release in 1H 2009. It is a cut-down STS, whose sole purpose is to federate an on-premise AD via the Microsoft Federation Gateway to the "cloud." It is not clear to this author whether Microsoft is employing an early release of this product for remote AD-based authentication and authorization by its Online offerings, or something else.

The Windows CardSpace Identity Selector is available now. It ships with Windows Vista (all versions) and is available as an optional update for Windows XP. CardSpace "Geneva" is in beta now and is scheduled to ship in 2H 2009. To quote Kim Cameron, it "is dramatically faster and smaller than the first version of CardSpace, and incorporates the feedback and ideas that have emerged from our customers and collaborators."

For users who wish to deep dive into any of these offerings, the following PDC 2008 presentations are available online:

... Nick Shelness

Post a comment

You must be logged in to post a comment. To comment, first join our community.