Windows CardSpace

Article Id: WHEBN0004086141

Title: Windows CardSpace  
Author: World Heritage Encyclopedia
Language: English
Subject: .NET Framework, Information Card, .NET框架, .NET Framework 3.0, Microsoft account
Collection: .Net Framework, Discontinued Windows Components, Federated Identity, Identity Management, Web Services
Publisher: World Heritage Encyclopedia

Windows CardSpace
A component of Microsoft Windows
Image: The Windows CardSpace user interface
Details
Type: Identity management system
Included with: Windows Vista, Windows Server 2008, Windows 7 and Windows Server 2008 R2
Also available for: Windows XP and Windows Server 2003
Service name: Windows CardSpace (idsvc)
Description: Securely enables the creation, management, and disclosure of digital identities.
Related components: Active Directory Federation Services; Windows Identity Foundation; Active Directory Rights Management Services

Windows CardSpace (codenamed InfoCard) is Microsoft's now-canceled client software for the Identity Metasystem. CardSpace is an instance of a class of identity client software called an Identity Selector. CardSpace stores references to users' digital identities for them, presenting them to users as visual Information Cards. CardSpace provides a consistent UI designed to help people easily and securely use these identities in applications and web sites where they are accepted. Resistance to phishing attacks and adherence to Kim Cameron's "7 Laws of Identity"[1] were goals in its design.[2]

Contents

  • Overview
  • Retired
  • See also
  • References
  • Further reading
  • External links

Overview

When an Information Card-enabled application or website wishes to obtain information about the user, the application or website requests a particular set of claims from the user. The CardSpace UI then appears, switching the display to the CardSpace service, which displays the user's stored identities as visual Information Cards. The user selects the InfoCard to use and the CardSpace software contacts the issuer of the identity to obtain a digitally signed XML token that contains the requested information. CardSpace also allows users to create personal (also known as self-issued) Information Cards, which can contain one or more of 14 fields of identity information such as full name, address, etc. Other transactions may require a managed InfoCard; these are issued by a third-party identity provider that makes the claims on the person's behalf, such as a bank, employer, or a government agency.

Windows CardSpace is built on top of the Web Services Protocol Stack, an open set of XML-based protocols, including WS-Security, WS-Trust, WS-MetadataExchange and WS-SecurityPolicy. This means that any technology or platform that supports WS-* protocols can integrate with CardSpace. In order to accept Information Cards, a website developer simply needs to declare an HTML tag that specifies the claims the website is demanding from the user and then implement code to decrypt the returned token and extract the claim values. If an Identity Provider wants to issue tokens, it must provide a means by which a user can obtain a managed card and provide a Security Token Service (STS) which handles WS-Trust requests and returns an appropriate encrypted and signed token. If an Identity Provider does not wish to build an STS, it will be able to obtain one from a variety of vendors including PingIdentity, BMC, Sun Microsystems, Microsoft, or Siemens, as well as other companies or organizations.
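
The relying-party step described above, extracting the claim values from the returned token, shown in Python as an added example (not code from this article or from Microsoft). It assumes the token is a SAML 1.1 assertion that an XML security library has already decrypted and signature-verified; `extract_claims`, its parameters and the sample token are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

SAML = "{urn:oasis:names:tc:SAML:1.0:assertion}"
CLAIMS_NS = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims"
SELF_ISSUED = "http://schemas.xmlsoap.org/ws/2005/05/identity/issuer/self"

# Constructed sample: a decrypted assertion of the kind a self-issued card produces.
SAMPLE_TOKEN = f"""<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
    MajorVersion="1" MinorVersion="1" Issuer="{SELF_ISSUED}">
  <saml:Conditions NotBefore="2008-01-01T10:00:00Z" NotOnOrAfter="2008-01-01T11:00:00Z"/>
  <saml:AttributeStatement>
    <saml:Attribute AttributeName="givenname" AttributeNamespace="{CLAIMS_NS}">
      <saml:AttributeValue>Alice</saml:AttributeValue>
    </saml:Attribute>
    <saml:Attribute AttributeName="privatepersonalidentifier" AttributeNamespace="{CLAIMS_NS}">
      <saml:AttributeValue>Y29uc3RydWN0ZWQtcHBpZA==</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>"""

def _utc(stamp):
    # Missing or malformed timestamps raise ValueError, so the token is rejected.
    return datetime.fromisoformat((stamp or "").replace("Z", "+00:00"))

def extract_claims(token_xml, required, trusted_issuers, now):
    """Return {claim URI: value}; raise ValueError when a relying-party check fails."""
    if "<!DOCTYPE" in token_xml or "<!ENTITY" in token_xml:
        raise ValueError("DTDs are not allowed in a token")  # no entity tricks
    root = ET.fromstring(token_xml)
    if root.tag != SAML + "Assertion":
        raise ValueError("not a SAML 1.x assertion")
    if root.get("Issuer") not in trusted_issuers:
        raise ValueError("untrusted issuer")
    cond = root.find(SAML + "Conditions")
    if cond is None or not (_utc(cond.get("NotBefore")) <= now < _utc(cond.get("NotOnOrAfter"))):
        raise ValueError("token outside its validity window")
    claims = {}
    for attr in root.iter(SAML + "Attribute"):
        uri = f'{attr.get("AttributeNamespace")}/{attr.get("AttributeName")}'
        if uri in claims:
            raise ValueError("duplicate claim " + uri)
        claims[uri] = attr.findtext(SAML + "AttributeValue")
    missing = set(required) - set(claims)  # claims the site demanded but did not get
    if missing:
        raise ValueError("missing required claims: " + ", ".join(sorted(missing)))
    return claims
```
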

Because CardSpace and the Identity Metasystem upon which it is based are token-format-agnostic, CardSpace does not compete directly with other Internet identity architectures like OpenID and SAML. In some ways, these three approaches to identity can be seen as complementary.[3] Indeed, Information Cards can be used today for signing into OpenID providers, Windows Live ID accounts, SAML identity providers, and other kinds of services.

IBM and Novell will support[4] the Higgins trust framework to provide a development framework that includes support for Information Cards and the Web Services Protocol Stack, thus including CardSpace within a broader, extensible framework also supporting other identity-related technologies, such as SAML and OpenID.

Microsoft initially shipped Windows CardSpace with the .NET Framework 3.0, which runs on Windows XP, Windows Server 2003, and Windows Vista. It is installed by default on Windows Vista as well as Windows 7 and is available as a free download for XP and Server 2003 via Windows Update. An updated version of CardSpace shipped with the .NET Framework 3.5.

Retired

On February 15, 2011, Microsoft announced that Windows CardSpace 2.0 would not be shipped.[5] Microsoft is currently working on a replacement called U-Prove.[6]

See also

References

  1. Kim Cameron (2005-05-01). "The Laws of Identity". Retrieved 2010-12-13.
  2. Kim Cameron, Michael B. Jones (January 2006). "Design Rationale behind the Identity Metasystem Architecture". Retrieved 2010-12-13.
  3. Three Digital Identity Standards
  4. Novell Press Release
  5. "Beyond Windows CardSpace". Claims-Based Identity Blog. Microsoft Corporation. 15 February 2011. Retrieved 23 July 2011.
  6. "U-Prove Home". Microsoft Connect. Microsoft Corporation. Retrieved 23 July 2011.

Further reading

  • Vittorio Bertocci, Garrett Serack, Caleb Baker: Understanding Windows CardSpace: An Introduction to the Concepts and Challenges of Digital Identities, December 27, 2007, Addison-Wesley, ISBN 0-321-49684-1
  • Identity Selector Interoperability Profile, Arun Nanda, April 2007.
  • An Implementer's Guide to the Identity Selector Interoperability Profile V1.0, Microsoft Corporation and Ping Identity Corporation, April 2007.
  • A Guide to Using the Identity Selector Interoperability Profile V1.0 within Web Applications and Browsers, Michael B. Jones, April 2007.
  • Microsoft Open Specification Promise, May 2007.

External links

Informational
  • A consumer introduction to Windows CardSpace
  • Microsoft Developer Network (MSDN) CardSpace page – Developer articles and technical documentation on Windows CardSpace.
  • Microsoft .NET Framework 3.0 Community (NetFx3) – CardSpace community site.
Software development
  • Microsoft Information Card Kit for ASP.NET 2.0 – ASP.NET Relying Party code to support CardSpace.
  • Microsoft Information Card Kit for HTML – platform-independent JavaScript and CSS code that detects if the client can use Information Cards and provides the corresponding UI support.
  • Open Source Ruby Relying Party code for accepting Information Cards.
  • Open Source Java Relying Party code for accepting Information Cards.
  • Open Source C and PHP Relying Party code for accepting Information Cards.
  • Open Source C Relying Party code for accepting Information Cards and Secure Token Service code for managed Information Cards.
  • Open Source PHP Secure Token Service code for managed Information Cards.
  • Open Source C# Secure Token Service code for managed Information Cards.
Identity selectors
  • Digital Me – an open source Identity Selector for Linux and Mac OS X
  • A plug-in for Apple's Safari implementing an Information Card identity selector.
  • A plug-in for Firefox to activate CardSpace and other identity selectors.
Blogs
  • Kim Cameron's Identity Weblog – Information from Microsoft's architect for identity.
  • Mike Jones' blog – Information on CardSpace, Information Cards, and the Digital Identity from Microsoft's Director of Identity Partnerships.
  • Vittorio Bertocci's Weblog – Information on designing and developing with CardSpace from Microsoft's architect evangelist for Windows Server 2008.
  • CardSpace team blog – Information on CardSpace from the CardSpace team itself.
This article was sourced from Creative Commons Attribution-ShareAlike License; additional terms may apply.