Saturday, June 03, 2006

Infocard

Infocard is a Microsoft project for identity management in Windows Vista, Windows XP and Windows 2003. This will be a part of the WinFX initiative of Microsoft.

Digital Identity is the most commonly used component of the internet. So what is a digital identity? Let’s look at the real life example. Who are you? The answer to this question can differ based on the identification you provide at the time. For example, when you provide a company ID card for swapping, you are an employee. When you use a credit card, you are a bank customer. There are many more examples of identity in the form of passport, driving license etc.

So what could be the digital equivalent of the real world identities? Email address is the best and most easily understandable digital identity. Using an email address a person can identify himself. Other forms of digital identity on the internet could be the usernames of multiple sites like ebay.com or blogger.com. Other examples of digital identity could be the customer ID of the bank account. As of this writing, there is no easy way to manage digital identities. The easiest way to manage digital identity today is to provide a common username for all these identifications manually. This helps in easier memorizing and saves us from writing it down, which no security professional will agree to. However, this has its own challenge considering that different sites having different requirements for user names (digital identities). Some requirements include the restriction on the maximum length of the username which may not accommodate your commonly used username. This adds up to one exception to be remembered.

The aim of InfoCard is to provide a mechanism in which the users need to maintain a single digital identity which will link to all other identities. If it works as expected, you can imagine using the same username and password to access Yahoo Mail, GMail and Hotmail. Also using the same username to purchase a book from Amazon.com. Now that would be extremely cool. The challenge is to bring together the meta directories of multiple companies to facilitate collaboration. Microsoft uses its passport network successfully up to a certain extent for this. One identity gives you access to hotmail, Microsoft webcasts, MSN Messenger and more. However, this is still restricted to the Microsoft domain. Infocard aims at the entire digital world.

Microsoft is aiming to create a metasystem (system of systems) to address the incompatibility issue between multiple identity providers (like Amazon, Yahoo etc). All identity providers need to support a common protocol in order to share information with the metasystem.

Although the technology behind Infocard is a complex one, the end user experience should be easier than the existing system (where you have to remember multiple usernames and passwords). The following image from Microsoft helps convey the UI which will be used with Infocard. This application will contain the information about all the digital identities and provide a control to the user over when and what to send to whom. You can compare it with selecting a card to present while shopping at a store.


So what happens if your laptop gets stolen, with your Infocard in it? Does it means that the thief gets access to all your digital identities (including your name, address, age, credit card details)? The answer is no. Since Infocard will just be a front end application for the user and all the digital information about him will be stored in a secured site like Verisign from where the information will be retrieved each time the user chooses to use it.

For more information on Infocard visit here

0 Comments:

Post a Comment

<< Home

Free Website Counter
Free Web Counter Technology Blogs by Indian Bloggers Technology Blog Top Sites