Windows CardSpace

Windows CardSpace is Microsoft's now-canceled client software for the Identity Metasystem. CardSpace is an instance of a class of identity client software called an Identity Selector. It stores references to users' digital identities and presents them to the user as visual Information Cards. CardSpace provides a consistent UI designed to help people use these identities easily and securely in applications and web sites where they are accepted. Resistance to phishing attacks and adherence to Kim Cameron's "7 Laws of Identity" were goals in its design: the user chooses a card in a selector that runs locally on its own desktop instead of typing a password into whatever page happens to be displayed, and the token the selector releases is encrypted to, and scoped for, the specific site that requested it, so a look-alike site obtains nothing it can replay against the real one.

Overview

When an Information Card-enabled application or website wishes to obtain information about the user, it requests a particular set of claims from the user. The CardSpace UI then appears, switching the display to the CardSpace service, which shows the user's stored identities as visual Information Cards that can satisfy the request. The user selects the card to use, and CardSpace contacts the issuer of that identity to obtain a digitally signed XML token containing the requested claims, which is then returned to the requesting application or site. CardSpace also allows users to create personal (also known as self-issued) Information Cards, which can contain one or more of 14 fields of identity information such as name, address and email; for these cards the token is produced by a self-issued identity provider built into CardSpace on the user's own machine. Other transactions may require a managed Information Card; these are issued by a third-party identity provider that makes the claims on the person's behalf, such as a bank, an employer, or a government agency.

Windows CardSpace is built on top of the Web Services Protocol Stack, an open set of XML-based protocols including WS-Security, WS-Trust, WS-MetadataExchange and WS-SecurityPolicy. This means that any technology or platform that supports the WS-* protocols can integrate with CardSpace. To accept Information Cards, a website developer declares an HTML object element of type "application/x-informationcard" whose parameters specify the claims the website requires from the user (and, optionally, the token type and the acceptable issuer), then implements code to decrypt the returned token, verify its signature, and extract the claim values. An Identity Provider that wants to issue tokens must provide a means by which a user can obtain a managed card, and must run a Security Token Service (STS) that handles WS-Trust requests and returns an appropriately encrypted and signed token. An Identity Provider that did not wish to build its own STS could obtain one from vendors including Ping Identity, BMC Software, Sun Microsystems, Microsoft and Siemens, as well as other companies and organizations.
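The relying-party steps just described (emit the request markup, then decrypt, verify and read the returned token), shown as an added Python example; this is not code from the original page or from Microsoft's Information Card Kit. It assumes that decryption of the posted xenc:EncryptedData with the site's private key and the XML-DSig signature check have already been done by a WS-Security library, so extract_claims() receives a plain SAML 1.1 assertion. The site URL https://rp.example.test/, the assertion text and its PPID value are constructed for illustration; the claim, issuer and token-type URIs are the real ones CardSpace used.

```python
"""Relying-party side of an Information Card login (added example).
request_markup() builds the <object> element a site emits to request claims;
extract_claims() validates a decrypted, signature-checked SAML 1.1 assertion
(the token type self-issued cards produce) and returns its claims. Decryption
and XML-DSig verification belong to a WS-Security library and come first.
All sample data is constructed."""
import html
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

CLAIMS_NS = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims"
SELF_ISSUER = "http://schemas.xmlsoap.org/ws/2005/05/identity/issuer/self"
SAML11 = "urn:oasis:names:tc:SAML:1.0:assertion"


def request_markup(required_claims, issuer=SELF_ISSUER, token_type=SAML11):
    """HTML that asks the identity selector for the given claims (short names
    under CLAIMS_NS). Only cards that can supply every required claim are
    offered; the browser posts the token in a form field named "xmlToken"."""
    params = {
        "tokenType": token_type,
        "issuer": issuer,
        "requiredClaims": " ".join(f"{CLAIMS_NS}/{c}" for c in required_claims),
    }
    out = ['<object type="application/x-informationcard" name="xmlToken">']
    out += [f'  <param name="{k}" value="{html.escape(v, quote=True)}" />'
            for k, v in params.items()]
    out.append("</object>")
    return "\n".join(out)


def _parse_time(value):
    """Parse SAML 1.1 UTC timestamps, with or without fractional seconds."""
    if value is None:
        raise ValueError("Conditions missing NotBefore/NotOnOrAfter")
    value = value.rstrip("Z")
    fmt = "%Y-%m-%dT%H:%M:%S.%f" if "." in value else "%Y-%m-%dT%H:%M:%S"
    return datetime.strptime(value, fmt).replace(tzinfo=timezone.utc)


def extract_claims(assertion_xml, audience, now_iso=None):
    """Check the validity window and AudienceRestrictionCondition (what stops a
    token obtained at one site being replayed elsewhere or later), then return
    {short claim name: value}. Raises ValueError on any failed check."""
    now = _parse_time(now_iso) if now_iso else datetime.now(timezone.utc)
    # Untrusted XML should go through defusedxml in production, not stdlib ET.
    root = ET.fromstring(assertion_xml)
    if root.tag != f"{{{SAML11}}}Assertion":
        raise ValueError("not a SAML 1.1 assertion")
    cond = root.find(f"{{{SAML11}}}Conditions")
    if cond is None:
        raise ValueError("assertion has no Conditions element")
    if not _parse_time(cond.get("NotBefore")) <= now < _parse_time(cond.get("NotOnOrAfter")):
        raise ValueError("assertion outside its validity window")
    if audience not in [a.text for a in cond.iter(f"{{{SAML11}}}Audience")]:
        raise ValueError("assertion not issued for this relying party")
    claims = {}
    for attr in root.iter(f"{{{SAML11}}}Attribute"):
        if attr.get("AttributeNamespace") != CLAIMS_NS:
            continue  # ignore claim namespaces we did not ask for
        values = [v.text or "" for v in attr.findall(f"{{{SAML11}}}AttributeValue")]
        claims[attr.get("AttributeName")] = values[0] if len(values) == 1 else values
    return claims


def rejection_reason(assertion_xml, audience, now_iso=None):
    """The message extract_claims() rejects the token with, or None if accepted."""
    try:
        extract_claims(assertion_xml, audience, now_iso)
    except ValueError as exc:
        return str(exc)
    return None


# Constructed sample: a self-issued-card token as it looks after decryption.
# privatepersonalidentifier (PPID) is the per-site pseudonym the selector derives
# for this relying party; the value is made up.
SAMPLE_ASSERTION = f"""<saml:Assertion xmlns:saml="{SAML11}" MajorVersion="1" MinorVersion="1"
    AssertionID="uuid:0f1e2d3c-example" Issuer="{SELF_ISSUER}" IssueInstant="2011-02-15T10:00:00Z">
  <saml:Conditions NotBefore="2011-02-15T10:00:00Z" NotOnOrAfter="2011-02-15T10:05:00Z">
    <saml:AudienceRestrictionCondition>
      <saml:Audience>https://rp.example.test/</saml:Audience>
    </saml:AudienceRestrictionCondition>
  </saml:Conditions>
  <saml:AttributeStatement>
    <saml:Attribute AttributeName="givenname" AttributeNamespace="{CLAIMS_NS}">
      <saml:AttributeValue>Alice</saml:AttributeValue>
    </saml:Attribute>
    <saml:Attribute AttributeName="emailaddress" AttributeNamespace="{CLAIMS_NS}">
      <saml:AttributeValue>alice@example.test</saml:AttributeValue>
    </saml:Attribute>
    <saml:Attribute AttributeName="privatepersonalidentifier" AttributeNamespace="{CLAIMS_NS}">
      <saml:AttributeValue>5Yh0Pq9sEXAMPLEppidVALUEbase64==</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>"""

if __name__ == "__main__":
    print(request_markup(["givenname", "emailaddress", "privatepersonalidentifier"]))
    print(extract_claims(SAMPLE_ASSERTION, "https://rp.example.test/", "2011-02-15T10:02:00Z"))
```

Two points a practitioner should carry over from this: the audience and time-window checks are not optional extras but the part of token processing that gives the phishing resistance described above its teeth on the server side, and a returning user should be recognised by the privatepersonalidentifier claim together with the public key that signed the token, not by a mutable claim such as emailaddress, because the PPID is the value that differs from site to site yet stays stable for one card at one site.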

Because CardSpace and the Identity Metasystem on which it is based are token-format-agnostic, CardSpace does not compete directly with other Internet identity architectures such as OpenID and SAML. In some ways the three approaches can be seen as complementary: Information Cards have been used for signing in to OpenID providers, Windows Live ID accounts, SAML identity providers, and other kinds of services.

IBM and Novell backed the Higgins trust framework, which provides a development framework that supports Information Cards and the Web Services Protocol Stack, thus placing CardSpace within a broader, extensible framework that also supports other identity-related technologies such as SAML and OpenID.

Microsoft initially shipped Windows CardSpace with the .NET Framework 3.0, which runs on Windows XP, Windows Server 2003 and Windows Vista. It is installed by default on Windows Vista and Windows 7, and is available as a free download for XP and Server 2003 via Windows Update. An updated version of CardSpace shipped with the .NET Framework 3.5.

Retired

On 15 February 2011, Microsoft announced that Windows CardSpace 2.0 would not be shipped. Microsoft said it would instead focus on U-Prove, a cryptographic technology for claims-based identity management developed by Stefan Brands and the company he founded, Credentica, which aims to offer greater privacy than existing identity management frameworks.

See also

  • Information Card
  • Identity 2.0
  • Higgins project
  • Shibboleth (Internet2)
  • Identity management systems

External links

Software development
  • Microsoft Information Card Kit for ASP.NET 2.0 – Relying Party code to support CardSpace.
  • Microsoft Information Card Kit for HTML – platform-independent JavaScript and CSS code that detects if the client can use Information Cards and provides the corresponding UI support.
  • Open Source Ruby Relying Party code for accepting Information Cards.
  • Open Source Java Relying Party code for accepting Information Cards.
  • Open Source C and PHP Relying Party code for accepting Information Cards.
  • Open Source C Relying Party code for accepting Information Cards and Secure Token Service code for managed Information Cards.
  • Open Source PHP Secure Token Service code for managed Information Cards.
  • Open Source C# Secure Token Service code for managed Information Cards.


Identity selectors
  • Digital Me – an open source Identity Selector for Linux and Mac OS X.
  • A plug-in for Apple's Safari implementing an Information Card identity selector.
  • A plug-in for Firefox to activate CardSpace and other identity selectors.


Blogs
  • Kim Cameron's Identity Weblog – Information from Microsoft's architect for identity.
  • Mike Jones' blog – Information on CardSpace, Information Cards, and digital identity from Microsoft's Director of Identity Partnerships.
  • Vittorio Bertocci's Weblog – Information on designing and developing with CardSpace from Microsoft's architect evangelist for Windows Server 2008.
  • CardSpace team blog – Information on CardSpace from the CardSpace team itself.
The source of this article is wikipedia, the free encyclopedia.  The text of this article is licensed under the GFDL.