1 Reply Latest reply on Apr 3, 2008 5:55 PM by Anil Saldanha

    U Prove, sso holy grail?

    Scott Stark Master

      From http://www.wired.com/techbiz/it/news/2008/04/microsoft, never heard of it, can't seem to find much about it.

      In a move that could extend its already substantial presence in the realm of identity access and management, the software giant recently announced it had acquired the patents to the U-Prove technology developed by cryptographer Stefan Brands and his colleagues at the Montreal startup, Credentica.

      Implemented properly, the U-Prove algorithms could allow users to exercise absolute control over the information they release online; guarantee that whatever information they did release would not linger indefinitely; and make it impossible to hack, link or trace that information back to them.

      Unlike other privacy solutions, including Microsoft's current CardSpace system, U-Prove guarantees a user's privacy even in the face of collusion by identity providers and relying parties -- the very organizations that certify our online identities and require us to prove them.

      "It allows single sign-on, without every site you sign onto being able to link your account with every other site you sign onto," British privacy guru Ben Laurie writes in an e-mail interview.

      Many privacy experts see the acquisition as a shrewd move by the company, and a good thing for online privacy in general. Yet some have also voiced concern that Microsoft might lock Brands' algorithms into what Laurie calls a "proprietary Microsoft-technology silo."

      Both Brands and Kim Cameron, Microsoft's chief identity architect, are trying to assuage those fears.

      According to Cameron, the company wants to ensure interoperability between Microsoft and non-Microsoft privacy platforms, and has no intention of hoarding U-Prove. Cameron intends to integrate Brands' algorithms into Microsoft's existing identity-access-and-management platform by mid-2009, and plans to open the application programming interface to the world.

      Moreover, Brands says Microsoft is placing the technology under its Open Specification Promise, which amounts to a pledge not to sue anyone for patent infringement unless someone tries to sue Microsoft first. The intention, he says, is "to make it possible for anyone to use this technology whether they use Windows or not."


        • 1. Re: U Prove, sso holy grail?
          Anil Saldanha Master

          Kim Cameron's concept of an Identity Meta System is very interesting and appropriate for the myriad tech/specs that float around in the name of IdM. He provided an analogy of how there was ethernet, token ring etc etc in networking long long and then there came a TCP/IP based meta system to shield the underlying protocols/tech. But I am unsure whether card space is the right direction to reach that meta system.