Microsoft Corp. last week announced plans for a technology called TrustBridge, which it said will help businesses securely share customer identity information.
Scheduled for release next year, the technology is roughly analogous to the companys .Net Passport service, which stores consumer identity data and enables single sign-on across multiple Web sites. Microsoft said TrustBridge will allow businesses to securely authenticate and share user identities across business and security boundaries.
TrustBridge will run on Unix platforms as well as Windows and will support the use of Kerberos 5.0, a widely deployed authentication technology.
“We see the world evolving beyond the four walls of the enterprise, particularly with things like outsourcing going on,” said Adam Sohn, product manager for the .Net strategy group, in Redmond, Wash. “Maintaining security under these kinds of circumstances requires twice as much overhead. So it would be much more efficient if we could accept the identity generated by somebodys employer. We need to get to a world where identity can flow between organizations.”
The announcement marks a shift in direction for Microsoft, which until now has focused its Web services efforts solely on its Windows platform. By adding interoperability and federation, the company seems to be making an overture to the Sun Microsystems Inc.-led Liberty Alliance, which is also working on a Web-based identity specification.
Sun and other members of the Liberty Alliance have been critical of Microsofts plans to restrict the use of .Net Passport to Windows. Although TrustBridge will be linked to Active Directory, Microsoft officials said companies will be able to deploy it to share identities with other organizations on any operating system that supports Kerberos 5.0.
Microsoft will add support in several of its upcoming products for the new Web Services-Security family of protocols it developed with IBM and VeriSign Inc. Among those products due to include such support are .Net Passport, which will add support for Kerberos and WS-Security next year, and Visual Studio .Net.
