Microsoft Opens Passport, Renames Hailstorm

Microsoft Corp. on Thursday said it will build Kerberos support into Passport in 2002 in order to make the single sign-in authentication service interoperable with offerings from other vendors and to allow enterprises more granular control over how much employee data can be accessed outside the company.

The company also changed the name of its consumer-oriented Hailstorm, the superset of Web services built on Passport, to the less militant sounding .NET My Services.

Much of the industry has pushed back against Microsoft on Passport and Hailstorm. Passport has come under fire for popping up frequently in Windows XP, while Hailstorm has been viewed by some as an attempt by Microsoft to collect and store data on everyone.

With the announcement, Microsoft says it is trying to move the industry to a federated approach similar to the network banks use with ATMs.

"The challenge of providing universal single sign-in is larger than any one company," Bob Muglia, Microsoft group vice president of .NET Services, said in a statement. "We invite the industry to participate in this federated model that bridges today's islands of authentication into a trusted network."

According to Microsoft, potential participants in the federated model include users, Web sites, enterprises, competing service operators, wireline and wireless carriers. Passport, which has been around since 1999 and has 165 million accounts, will be upgraded to support what Microsoft calls universal single sign-in next year. The main change will be to add support for the Kerberos standard. Passport will use the same implementation, version 5.0, that Microsoft supports in Active Directory.

Microsoft says Windows .NET Server, scheduled for release in the first half of 2002, will be designed to make it easier for organizations to extend universal single sign-in from inside the organization to the Internet.

"By associating a Passport identity with a Windows .NET Server identity, Microsoft has begun to tear down the wall that has forced customers to separate their internal network and extranet systems from each other," Microsoft said in a statement.

Christopher Payne, Microsoft vice president of the .NET Core Services Platform, provided one example in a Q&A about the announcement on Microsoft's Web site.

"An employee [can] have just one password and ID that they can use securely when visiting their company's HR benefits page, then leave the internal site to visit their company's travel-services site -- even though that site is run by an external vendor," Payne said.

Muglia says Microsoft will further the dialogue at the Trusted Computing Conference in Mountain View, Calif., in November.

The Hailstorm services, now called .NET My Services, include:
myAddress -- electronic and geographic address for an identity
myProfile -- name, nickname, special dates, picture
myContacts -- electronic relationships/address book
myLocation -- electronic and geographical location and rendezvous
myNotifications -- notification subscription, management and routing
myInbox -- inbox items like e-mail and voice mail, including existing mail systems
myCalendar -- time and task management
myDocuments -- raw document storage
myApplicationSettings -- application settings
myFavoriteWebSites -- favorite URLs and other Web identifiers
myWallet -- receipts, payment instruments, coupons and other transaction records
myDevices -- device settings, capabilities
myServices -- services provided for an identity
myUsage -- usage report for above services

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.


  • Windows Admin Center vs. Hyper-V Manager: What's Better for Managing VMs?

    Microsoft's preferred interface for Windows Server is Windows Admin Center, but can it really replace Hyper-V Manager for managing virtual machines? Brien compares the two management tools.

  • Microsoft Offers More Help on Windows Server 2008 Upgrades

    Microsoft this week published additional help resources for organizations stuck on Windows Server 2008, which fell out of support on Jan. 14.

  • Microsoft Ups Its Carbon Reduction Goals

    Microsoft on Thursday announced a corporatewide carbon reduction effort that aims to make the company "carbon negative" by 2030.

  • How To Dynamically Lock Down an Unattended Windows 10 PC

    One of the biggest security risks in any organization happens when a user walks away from their PC without logging out. Microsoft has the solution (and it's not a password-protected screensaver).

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.