Design Rationale behind the Identity Metasystem Architecture

  • Kim Cameron
  • Michael B. Jones


Many of the problems facing the Internet today stem from the lack of a widely deployed, easily understood, secure identity solution. Microsoft’s “InfoCard” project and the Identity Metasystem vision underlying it are aimed at filling this gap using technology all can adopt and solutions all can endorse, putting users in control of their identity interactions on the Internet. The design decisions presented in this paper are intended to result in a widely accepted, broadly applicable, inclusive, comprehensible, privacy-enhancing, security-enhancing identity solution for the Internet. We present them and the rationale behind them to facilitate review of these design decisions by the security, privacy, and policy communities, so that people will better understand Microsoft’s implementations, and to help guide others when building interoperating implementations.


Design Rationale; Smart Card; Identity Solution; Design Decision; Identity System
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.





Copyright information

© Friedr. Vieweg & Sohn Verlag | GWV Fachverlage GmbH, Wiesbaden 2007

Authors and Affiliations

  • Kim Cameron (1)
  • Michael B. Jones (1)
  1. Microsoft, USA
