Microsoft announced this week a new technology, TrustBridge, that will let businesses share user identity information between applications and organizations. Microsoft, IBM, and Verisign developed the new technology. A Microsoft spokesperson said, "TrustBridge technology will allow different organizations using the Windows operating system to exchange user identities and interoperate in heterogeneous environments using industry-standard XML Web services protocols including Kerberos, WS-Security, and forthcoming protocols in the WS-Security family. Federated identity management makes it easier for businesses to build deeper and more dynamic relationships with customers, partners, and suppliers, and helps mobile employees increase their productivity. ... WS-Security is a security specification that defines a standard set of Simple Object Access Protocol (SOAP) extensions or message headers for exchanging secure, signed messages in a Web services environment." <?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" />
The company also revealed a product roadmap, the Microsoft Federated Security and Identity Roadmap, that describes how the company's products, tools, and services build on the WS-Security specification to establish a federated model for user identity exchange. The company said that Microsoft.NET Passport will support SOAP messages over HTTP, add support for Kerberos, and embrace WS-Security by 2003. Microsoft will update Visual Studio .NET later this year to support WS-Security.
Sun Microsystems announced Liberty Alliance in September 2001, which is the company's effort to create a federated network of companies and security technology. Sun said Liberty Alliance is a "federated network identity model \[that\] will enable every business or user to manage their own data, and ensure that the use of critical personal information is managed and distributed by the appropriate parties, rather than a central authority. The role of the Liberty Alliance Project in all of this is to support the development, deployment and evolution of an open, interoperable standard for federated network identity."The Liberty Alliance includes more than 40 member companies from a wide variety of industries representing over a billion customers. Each alliance member company either owns and operates large communities of interest or is the developer of core technology that can enable a federation of online communities. A spokesperson for Sun said that membership in the Alliance is still open, and all organizations are invited and encouraged to join.