For anyone who has followed my blogs around developing an STS or writing authorization policies you will be very interested in Kim Cameron's announcement at PDC of the Geneva Identity Management platform. Genvea includes:
- Geneva Framework - A .NET framework for writing interoperable, claims aware applicatoins
- Geneva STS - An STS integrated with AD. Supports issuance (finally) and consumption of Cardspace Cards.
- CardSpace Geneva - A federation client
In addition to these framework like components, there are also a couple of services (biult using Geneva) including:
Microsoft Federation Gateway - Provides the basis for the Microsoft Services Identity backbone - brokering access to Microsoft cloud applications and developre services
Microsoft Connector Services - Federates AD to the Microsoft Federation Gateway. Provides lightweight access to the federation gateway.
.NET Access Control Service - Next generation service (STS) that performs claims transformation. It receives authentication information and issues authz decisions. This includes a management portal and API's for managing and writing authz policies.
I haven't had a chance to play with any of these tools yet, but will be very interested to see how the Access Control Service's capabilities compare with SecPAL... 🙂