Amid the growing buzz around identity management, Microsoft is trying to pull together a platform that would offer corporations entry into a new generation of end-user management, security and regulatory compliance.
The software giant is tuning its client, servers and gateway software to align with the basic tenets of identity management, namely authentication, user management, access management and directory services. To date the existing pieces lack cohesion and some aspects are missing altogether such as Web-based access management.
Thankfully for Microsoft, many competitors are facing similar construction projects. Additionally, corporate customers are far from deploying expansive identity management platforms, preferring to pick off focused projects such as Web-based single sign-on. The goal for Microsoft and others such as HP, IBM, Novell, Oracle and Sun is to provide an infrastructure that will support the federation of identities across secure corporate boundaries using XML-based Web services standards. Standardizing identity mechanisms will help cut costs, personalize access and ensure privacy.
For its part, Microsoft is banking its success on Windows Server 2003, Active Directory, Active Directory Application Mode, its recently revamped metadirectory server called Microsoft Identity Integration Server, and partnerships with vendors such as Netegrity and Oblix to fill the hole for Web access management. Also in the mix is a mish-mash of tools the company hopes to pull together under the identity management banner. Those include its Authorization Manager in Windows 2003, for building role-based access management controls, Audit Collection System to track changes made to user identities or access rights, BizTalk Server 2004 to support integration of platforms and basic workflows that help automate the creation and deletion of user accounts.