Product Watch: New Microsoft Identity Technology Aims To Protect Online Privacy

Microsoft debuts U-Prove, rolls out Forefront Identity Manager
SAN FRANCISCO -- RSA Conference 2010 -- Microsoft here yesterday launched new software that helps protect user's online privacy using a new, simplified cryptographic technology. The software giant also announced a new enterprise identity and access management product.

U-Prove, which deploys minimal-disclosure tokens that allow a user to specify exactly which information he will disclose to each Website, helps eliminate privacy risks of unnecessary information disclosure on Websites.

"It allows you to have multiple IDs ... without having to reveal too much [unnecessary] information [online]," said Scott Charney, corporate vice president for trustworthy computing at Microsoft, in his keynote here yesterday.

Microsoft is offering up its U-Prove cryptographic specification for community input, and has developed reference implementations with the crypto technology under the BSD open-source license and MSDN Code Gallery.

"This is a new crypto technology we're bringing to market," says Steve Lipner, Microsoft's senior director of security engineering strategy for the Trustworthy Computing Group. "U-Prove provides a new functionality that lets us get better privacy and better security because we're not using a new password for each [Website]," he says. "As the authenticating party, I get to choose how much information I supply."

Lipner says Microsoft has yet to determine just what form factor U-Prove would take, but it could be a contactless smart card. It could serve as replacement for existing bank login and password authentication technologies as well, he says.

Microsoft also revealed a prototype project it has under way with The Fraunhofer Institute for Open Communication Systems in Berlin, where U-Prove and the Microsoft identity platform are working with the German government's electronic identity cards.

Meanwhile, Microsoft's new Forefront Identity Manager 2010 replaces Microsoft's Identity Lifecycle Manager 2007 and includes end-user self-service ID management features as well as automated tools for IT managers.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Editors' Choice
Kelly Jackson Higgins 2, Editor-in-Chief, Dark Reading