Microsoft Opens Passport, Renames Hailstorm

Microsoft Corp. on Thursday said it will build Kerberos support into Passport in 2002 in order to make the single sign-in authentication service interoperable with offerings from other vendors and to allow enterprises more granular control over how much employee data can be accessed outside the company.

The company also changed the name of its consumer-oriented Hailstorm, the superset of Web services built on Passport, to the less militant-sounding .NET My Services.

Much of the industry has pushed back against Microsoft on Passport and Hailstorm. Passport has come under fire for popping up frequently in Windows XP, while Hailstorm has been viewed by some as an attempt by Microsoft to collect and store data on everyone.

With the announcement, Microsoft says it is trying to move the industry to a federated approach similar to the network that banks use with ATMs.

"The challenge of providing universal single sign-in is larger than any one company," Bob Muglia, Microsoft group vice president of .NET Services, said in a statement. "We invite the industry to participate in this federated model that bridges today's islands of authentication into a trusted network."

According to Microsoft, potential participants in the federated model include users, Web sites, enterprises, competing service operators, and wireline and wireless carriers. Passport, which has been around since 1999 and has 165 million accounts, will be upgraded next year to support what Microsoft calls universal single sign-in. The main change will be to add support for the Kerberos standard. Passport will use the same implementation, version 5.0, that Microsoft supports in Active Directory.

Microsoft says Windows .NET Server, scheduled for release in the first half of 2002, will be designed to make it easier for organizations to extend universal single sign-in from inside the organization to the Internet.

"By associating a Passport identity with a Windows .NET Server identity, Microsoft has begun to tear down the wall that has forced customers to separate their internal network and extranet systems from each other," Microsoft said in a statement.

Christopher Payne, Microsoft vice president of the .NET Core Services Platform, provided one example in a Q&A about the announcement on Microsoft's Web site.

"An employee [can] have just one password and ID that they can use securely when visiting their company's HR benefits page, then leave the internal site to visit their company's travel-services site -- even though that site is run by an external vendor," Payne said.

Muglia says Microsoft will further the dialogue at the Trusted Computing Conference in Mountain View, Calif., in November.

The Hailstorm services, now called .NET My Services, include:
myAddress -- electronic and geographic address for an identity
myProfile -- name, nickname, special dates, picture
myContacts -- electronic relationships/address book
myLocation -- electronic and geographical location and rendezvous
myNotifications -- notification subscription, management and routing
myInbox -- inbox items like e-mail and voice mail, including existing mail systems
myCalendar -- time and task management
myDocuments -- raw document storage
myApplicationSettings -- application settings
myFavoriteWebSites -- favorite URLs and other Web identifiers
myWallet -- receipts, payment instruments, coupons and other transaction records
myDevices -- device settings, capabilities
myServices -- services provided for an identity
myUsage -- usage report for above services

About the Author

Scott Bekker is editor in chief of Redmond Channel Partner magazine.

