Microsoft will be making announcements about its strategy for managing user identities this week that could well end speculation about its plans for implementing federated identity technology into its products.
The Redmond, Washington, company's Windows Server division is planning an announcement on Wednesday, according to a company spokeswoman.
While Microsoft is not providing details about the announcement, the news will reportedly involve initiatives involving Microsoft and identity management company Oblix.
A spokeswoman for Oblix said that the company would be "part of [the] plan" Microsoft announces on Wednesday.
Microsoft has long-standing relationships with independent software vendors (ISVs) like Oblix and OpenNetworks Technologies Inc.
The company calls on Oblix's NetPoint and OpenNetworks DirectorySmart to tie Windows networks using Microsoft's Active Directory service to other non-Windows directory systems that rely on user authentication technology such as Kerberos, according to John Pescatore, an analyst at Gartner.
At stake may be the future of Microsoft's "TrustBridge" federated identity technology.
Microsoft announced TrustBridge just over a year ago, saying that the new technology would enable businesses using Windows to share user identity information and interoperate across heterogenous environments using Web services protocols such as Kerberos and SOAP (Simple Object Access Protocol). The technology was supposed to be released in 2003, but was left out of Windows Server 2003 and Microsoft has had little to say about its status.
An announcement next week that highlights the identity management technology of ISVs such as Oblix could mean that Microsoft is moving away from plans to develop its own cross-platform identity management technology, Pescatore said.
"Maybe they're going to focus on making Windows work the best it can and rely on ISVs to integrate (Windows) into the tiny world of pure Unix using Kerberos," he said.
Among other things, Microsoft needs to clarify its intentions regarding the adoption of SAML (Security Assertion Markup Language), the XML-based authentication framework.
The company backed XRML (Extensible Rights Markup Language) for access control, but will need to support SAML as well to be fully interoperable with non-Windows environments, Pescatore said.
Pescatore anticipates that Microsoft will probably offer new guidance on the TrustBridge initiative, perhaps fleshing the technology out or providing clearer benchmarks for its identity management strategy.
Few companies are clamoring for the cross-enterprise, federated identity systems that TrustBridge, .Net Passport or the Liberty Alliance are promising, according to Pescatore.
"We're still seeing zero user pull for this stuff," he said.
Despite the lack of demand, however, Microsoft and its adversaries in the Liberty Alliance are still jockeying for control of the identity management space, Pescatore said.
"I think it's a question of who owns the hilltop when the troops come in," he said.
With its .Net Passport technology tied to its Windows operating system and MSN ISP (Internet service provider) operation, Microsoft has done a good job at building a large group of users who rely on that federated identity technology. The question remains of how well Passport or technology based on Liberty Alliance specifications will suit companies that might be interested in deploying some federated identity technology, such as other ISPs, cellular phone companies or credit card companies, Pescatore said.
"What will give us an indication that something is happening on either side of the Liberty Alliance-Passport debate is a major player saying 'I am issuing Liberty Alliance or Passport based identities to my five million customers or users,'" Pescatore said.
"That's the really important thing: that somebody issues identities to a big customer base, and they start to get used," he said.