SAN DIEGO—It’s been two years since Microsoft issued any official pronouncements on “TrustBridge,” its collection of federated identity-management technologies slated to go head-to-head with competing technologies backed by the Liberty Alliance.
When Microsoft went public with its TrustBridge plans in June 2002, Redmond officials said to expect the first TrustBridge deliverables to hit in 2003 and published a “Federated Security and Identity Roadmap” document (which the company has since removed from its Web site).
But TrustBridge has been a complete no-show. Until now.
At the TechEd 2004
conference here this week, Microsoft execs offered an updated look at where TrustBridge is now, and how Microsoft plans to deliver new products that take advantage of the concept.
Microsoft has merged its Active Directory and federated services teams, company officials acknowledged. This is the team that now spearheads the TrustBridge work. But, beyond that point, Microsoft officials declined repeated requests for comment on TrustBridge specifics.
Despite the lack of direct comment, Microsoft officials said plenty during presentations at TechEd here.
Federated identity management, according to Mike Neuburger, a program manager with Microsoft’s Active Directory/federated services group, who presented at TechEd on Tuesday, is “the ability to bridge islands of identities.”
Neuburger said Microsoft’s goal with federation is to enable interoperability across organizational and platform boundaries. Microsoft wants to connect securely with Windows “forests,” with other WS*- compliant (Web services) vendors and with Microsoft’s own Passport Internet authentication technology.
There were very few mentions of Passport in any TechEd presentations on identity management. This is a sharp departure from 2002, when Passport was touted as a key component of Microsoft’s TrustBridge strategy.
Currently, Microsoft officials are actively shunning the TrustBridge code name. Instead, they are focusing much of their efforts on “Active Directory Federation Service” (ADFS), a technology that is slated to be part of the “R2” Windows Server release that is due to ship next year.
ADFS adds federated identity support to Active Directory via Web services, especially those adhering to the WS-Security and WS-Federation specifications.
Read more here about the WS-Security standard, and Microsoft and Sun’s cooperation.
ADFS will “extend Active Directory to enable single sign-on to external Web applications and Web services using existing organizational identities,” according to one PowerPoint slide from a presentation on federated identity management at TechEd.
Microsoft briefly demonstrated ADFS as part of Server and Tools Vice President Andy Lees’ keynote address on Tuesday here.
But ADFS is only one piece of Microsoft’s new and improved identity-management puzzle, it seems.