ActiveDirectoryFederationServices
Last edit November 3, 2010
ActiveDirectory
is a core Microsoft Server product, and
ActiveDirectoryFederationServices
(code name TrustB
ridge) is an
IdentityManagement
scheme for related servers that will be made available in
WindowsServerTwoThousandThree
R2 upgrade.
See a 20 page overview document at
http://download.microsoft.com/download/d/8/2/d827e89e-760a-40e5-a69a-4e75723998c5/ADFS_Overview.doc
A key advantage of this
InformationSecurity
related offering is to protect intranets that need to be linked up to less than trustworthy
WirelessDevices
. Thus a single external firewall will no longer be adequate to protect corporate networks.
Aha, another WS-
ReinventTheWheel
. Can anyone tell us why we should take this seriously, complete with new language etc? Check out SAML2.0/Liberty etc.
Response to R
ichardHenderson query
You may be interested in May05 article "Microsoft's Vision for an Identity Metasystem" where relationship between the
OasisOrganization
SecurityAssertionMarkupLanguage
specs and implementation is discussed. See
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnwebsrv/html/identitymetasystem.asp
After you are through, pls move the above link to Resources section in
WebServicesInteroperabilityConcerns
. You may wish to add your views to that page instead.
DeleteWhenCooked
See also
WebServicesInteroperabilityConcerns
CategoryMicrosoft