TechEd 2008: Claim-based Identity: "Geneva"
I have visited two sessions about "Geneva": one by David Chappell and one by Vittorio Bertocci.
Geneva (previously "Zermatt") is the claims-based identity platform Microsoft is working on. A claims-based platform needs three things:
- A Security Token Service (STS) that issues tokens carrying claims. Read here about tokens and claims.
- An identity library
- An identity selector
Microsoft provides us with "Geneva" Server (the STS), the "Geneva" Framework (the identity library) and "Geneva" CardSpace (the identity selector). The best thing is that the platform supports the open standards WS-Trust and SAML 2.0. This is great news, because with these standards you can use an STS or a card selector from another vendor; you are not tied to Microsoft.
After the sessions, the first thing that came to my mind was the DigiD for companies implementation I did 3 years ago. DigiD is a sort of STS of the Dutch government. But it only provides an authentication service (no other claims are possible). After authentication, the application gets a KvK number (KvK = Kamer van Koophandel, the Dutch Chamber of Commerce). And there we have the problem with DigiD: authorization and any other claims you have to implement yourself, on top of it.
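To make the difference concrete, here is an added example in Python that models the three-part platform described above (an STS issuing a signed token, a relying-party identity library validating it, and authorization decided from the claims) and contrasts it with an authentication-only token of the kind the DigiD description above implies. It is not Geneva, DigiD or session code. The token is a compact JSON-plus-HMAC stand-in for a SAML 2.0 / WS-Trust token signed with a shared secret (a real STS signs with an X.509 key); the issuer name, audience, claim names and KvK values are assumptions.

```python
"""
Added example (not Geneva's or DigiD's code): a toy claims-based identity flow.

  STS (Geneva Server role)           -> authenticates the user (assumed done) and issues a signed token
  identity library (Geneva FW role)  -> validates the token at the relying party and exposes its claims
  identity selector (CardSpace role) -> not modelled; the user is assumed to have picked this STS

The token is a compact JSON+HMAC stand-in for a SAML 2.0 / WS-Trust token. A real
STS signs with an X.509 key; the shared secret, issuer, audience and claim names
below are all assumptions for this example.
"""
import base64
import hashlib
import hmac
import json
import time

STS_KEY = b"constructed-demo-key-not-for-real-use"   # constructed shared secret
ISSUER = "urn:example:sts"                            # assumed issuer identifier
AUDIENCE = "urn:example:kvk-portal"                   # assumed relying-party identifier


def _b64(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _sign(body: str, key: bytes) -> str:
    return _b64(hmac.new(key, body.encode(), hashlib.sha256).digest())


def sts_issue(subject, claims, key=STS_KEY, audience=AUDIENCE, lifetime=300, now=None):
    """STS side: wrap the subject and its claims in a signed, audience-scoped, short-lived token."""
    now = int(time.time()) if now is None else now
    payload = {"iss": ISSUER, "aud": audience, "sub": subject,
               "iat": now, "exp": now + lifetime, "claims": claims}
    body = _b64(json.dumps(payload, sort_keys=True).encode())
    return body + "." + _sign(body, key)


class TokenError(Exception):
    """Raised by the identity library when a token must not be trusted."""


def rp_validate(token, key=STS_KEY, expected_audience=AUDIENCE, now=None):
    """Identity-library side: check signature, issuer, audience and lifetime, then return the payload."""
    parts = token.split(".")
    if len(parts) != 2:
        raise TokenError("malformed token")
    body, sig = parts
    # Verify the signature before trusting anything in the body; compare_digest avoids timing leaks.
    if not hmac.compare_digest(sig.encode(), _sign(body, key).encode()):
        raise TokenError("bad signature")
    payload = json.loads(_unb64(body))
    if payload.get("iss") != ISSUER:
        raise TokenError("untrusted issuer")
    if payload.get("aud") != expected_audience:
        raise TokenError("token not issued for this application")
    now = int(time.time()) if now is None else now
    if not payload["iat"] <= now < payload["exp"]:
        raise TokenError("token expired or not yet valid")
    return payload


def validation_error(token, **kwargs):
    """Return the reason a token is rejected, or None when it validates."""
    try:
        rp_validate(token, **kwargs)
    except TokenError as err:
        return str(err)
    return None


def tamper(token, new_claims):
    """Attacker: rewrite the claims but keep the original signature (must be rejected)."""
    body, sig = token.split(".")
    payload = json.loads(_unb64(body))
    payload["claims"] = new_claims
    return _b64(json.dumps(payload, sort_keys=True).encode()) + "." + sig


def authorize(claims, required_role):
    """Relying party: decide access from the claims alone, with no extra lookup."""
    return required_role in claims.get("roles", [])


if __name__ == "__main__":
    # Claims-rich token: authentication and authorization data travel together.
    rich = sts_issue("company-1", {"kvk": "12345678", "roles": ["filer"]})
    print("filer allowed (rich token):", authorize(rp_validate(rich)["claims"], "filer"))
    # Authentication-only token (the DigiD situation as described above):
    # it validates, but the application has nothing to authorize on.
    thin = sts_issue("company-2", {"kvk": "87654321"})
    print("filer allowed (thin token):", authorize(rp_validate(thin)["claims"], "filer"))
    print("tampered token:", validation_error(tamper(thin, {"kvk": "87654321", "roles": ["filer"]})))
```

The point the example makes is the one the post makes: once the STS can put authorization claims such as roles into the token, the relying party's identity library only has to validate the token and read the claims. With an authentication-only token the application still has to build and secure its own lookup from KvK number to permissions.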
Hopefully they (the DigiD organization) will look at the SAML and WS-Trust open standards and upgrade their system to make more claims possible. If they do, I believe the DigiD platform will be more successful.