This morning I was hot-footing it across London in the soaring heat to attend the Microsoft Security Event.
My main reason for attending this event was to listen to Kim Cameron talk about “Advances in Digital Identity”, which was scheduled as a full morning’s discussion. The event started with an opening address from Ed Gibson (sorry, can’t find a decent link to a profile), Chief Security Advisor for Microsoft UK. I must admit, this is the first time I have heard one of his presentations and was amazingly impressed by his knowledge and experience. He gave a very light-hearted but serious message about cyber-crime and some of the problems that are faced today, together with details of how Microsoft are trying to address them.
Then the ‘main event’ kicked off with Kim’s presentation. Having followed Kim’s blog for some time I understood the “Identity Metasystem” and what InfoCard, sorry MS CardSpace, is trying to accomplish. However, it was great to see Kim talk with so much knowledge, enthusiasm and passion for the technologies that make up this vision. Whilst I have played about with the beta of InfoCard recently, it was also very enlightening to see the full potential uses of the technology, especially surrounding managed cards and claim transformation. I think Microsoft has taken a set of open standards (SAML and WS-*) and produced a very clever implementation. The demos were very good at showing the potential capabilities that there are in the specification.
There were a few questions that I felt weren’t answered fully.
- MS has produced the “Identity Selector” which they claim is ultra-secure, runs in a protected subsystem etc etc. That is great for the MS platform but it will be interesting to see if the same level of security is adopted when other vendors/open source community produce identity selectors for their OS. In Kim’s words, MS has adopted a multi-layered approach to the security. Will other developers adopt the same approach or could they be the weak link in the chain?
- One of the questions that was bothering me (until someone else asked it) was whether InfoCards could be transferred between machines (e.g. work PC and home PC). The response was yes they could. However, this was not elaborated on so it was not clear exactly how this would be achieved.
- Another question was relating to the authentication to a managed card. In the demonstration, we were shown how a user authenticates to their managed card using a username and password. It was also explained that this could be pretty much any type of authentication. However, the details about how this would be set up were not discussed. Is this programmatic?
I’m sure these questions will be answered in the fullness of time. After all, we are still in the early stages of this technology.
Unfortunately, I had to leave after Kim’s presentation so I missed the topics covered in the afternoon by the other speakers (as well as lunch). However, I was happy. I had got the information that I wanted from the event and felt a lot clearer about what MS CardSpace is all about.
Thanks for the great presentation Kim!