Microsoft releases Beta 2 of its upcoming next-generation identity management solution, code-named Geneva.

Microsoft on May 11 released Beta 2 of its upcoming next-generation identity management solution, code-named Geneva.
Brendan Foley, director of Product Management for Microsoft's Identity & Security Business Group, told eWEEK that the Geneva platform simplifies access to applications and systems. Geneva is slated for release in the second half of 2009, Foley said.

Microsoft released Geneva Beta 2 at its TechEd North America conference in Los Angeles. TechEd North America runs May 11 to 15.
A Microsoft description of Geneva said:

Code Name "Geneva" is Microsoft's user access platform for developers and IT professionals that helps simplify access to applications and other systems with an open claims-based model. "Geneva" helps simplify user access for developers by externalizing user access from applications via claims and reducing development effort with pre-built security logic and integrated .NET tools. "Geneva" helps IT efficiently deploy and manage new applications by reducing custom implementation work, centralizing and standardizing access management across the enterprise, helping establish a consistent security model, and facilitating seamless collaboration between organizations.
Geneva addresses the problem of identity-based access to applications, which has been costly for developers because they have typically had to hand-code integrations to each access control system and mechanism.

The advent of cloud-based services, where organizations want to federate identity from the cloud to on-premises applications, makes a solution like Geneva all the more necessary, Foley said.
According to Microsoft:

"Geneva" includes three components for enabling claims-based access. Beta 2 of each of the following components is now available for public evaluation:

· "Geneva" Server security token service (STS) supports the WS-Trust, WS-Federation, and SAML 2.0 protocols to enable secure single sign-on across organizations, platforms, and applications.

· Windows CardSpace "Geneva" for helping users navigate access decisions and for developers to build customer authentication experiences for users.

· "Geneva" Framework for building .NET applications that use claims to make user access decisions.
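As an added illustration (not Geneva code, and not Microsoft's), the following Python sketches the claims-based split the description above relies on: an STS issues a signed set of claims, the relying party checks issuer trust, signature, audience and expiry before believing them, and the application then makes its access decision on claims alone. The issuer name, key and audience are constructed placeholders, and an HMAC stands in for the STS's certificate signature.

```python
import base64
import hashlib
import hmac
import json
import time

# Constructed trust list: the relying party knows each trusted STS by issuer name
# and by the key used to verify its signatures (HMAC here instead of an X.509 cert).
TRUSTED_ISSUERS = {"https://sts.example.test": b"constructed-demo-key"}

def b64(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue_token(issuer, key, claims, audience, ttl=300, now=None):
    """STS side: sign a set of claims for one relying party (the audience)."""
    now = time.time() if now is None else now
    payload = {"iss": issuer, "aud": audience, "exp": now + ttl, "claims": claims}
    body = json.dumps(payload, sort_keys=True).encode()
    return b64(body) + "." + b64(hmac.new(key, body, hashlib.sha256).digest())

def verify_token(token, audience, now=None):
    """Relying-party side: return the claims only if the token is well formed,
    signed by a trusted issuer, addressed to us and not expired; else None."""
    now = time.time() if now is None else now
    try:
        body_b64, sig_b64 = token.split(".")
        body, sig = unb64(body_b64), unb64(sig_b64)
        payload = json.loads(body)
    except ValueError:  # wrong segment count, bad base64 or bad JSON
        return None
    # Unknown issuer means no trust relationship, so its claims are worthless.
    key = TRUSTED_ISSUERS.get(payload.get("iss")) if isinstance(payload, dict) else None
    if key is None:
        return None
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, sig):  # tampered body or forged signature
        return None
    if payload.get("aud") != audience or payload.get("exp", 0) <= now:
        return None
    return payload.get("claims", {})

def can_access(claims, required_role):
    """The application decides on claims alone; no directory or ACL lookups."""
    return claims is not None and required_role in claims.get("roles", [])
```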
Moreover, in a Microsoft Forefront team blog post, the team said:

"Geneva" is part of our Business Ready Security strategy, and supports the tenets of "integrating and extending security across the enterprise" and helping to "protect everywhere, access anywhere" through support of heterogeneous environments and interoperability with third-party solutions. Speaking of which, with Beta 2 we're announcing plans for interoperability between "Geneva" and identity and access solutions from leading partners, including CA Federation Manager and CA SiteMinder, Novell Access Manager, SAP NetWeaver and Sun OpenSSO Enterprise and Fedlet software. We are issuing interoperability white papers with these partners, and at TechEd this week SAP is presenting on their work with "Geneva."
Foley said Geneva is indeed part of the Microsoft Business Ready Security vision the company laid out at the RSA Conference in April.

Foley also noted that Beta 2 of Geneva has three new features. One is the ability to federate document collaboration with SharePoint 2007, with authorization, so that access to SharePoint servers can be federated. Another is built-in Visual Studio templates that help developers apply pre-built application authentication, attribute lookup and authorization for richer, more secure applications without becoming a security or directory expert. The third is the ability to establish federation with the Microsoft Federation Gateway, providing single sign-on to Microsoft online servers and to other external services, such as Google, through SAML (Security Assertion Markup Language) 2.0, Foley said.
Microsoft said Geneva addresses several challenges facing user organizations, such as developing complex identity-aware applications, implementing cross-organization single sign-on, accessing hosted and cloud services, and administering access management complexity.