Microsoft announces release of “Zermatt” Identity Framework
Microsoft released a beta of “Zermatt”, an identity framework for developers using the .Net framework. The framework helps developers build claims-aware applications to address application security requirements using a simplified application access model.
Building claims-aware applications
Zermatt makes it easier to build identity aware applications. In addition to providing a new claims model, it provides applications with a rich set of API’s to reason about the identity of a caller using claims.
Zermatt also provides developers with a consistent programming experience whether they choose to build their applications in ASP.NET or in WCF environments.
Building Security Token Services (STS)
Zermatt makes it substantially easier for building a custom security token service (STS) that supports the WS-Trust protocol. These STS’s are also referred to as an Active STS.
In addition, the framework also provides support for building STS’s that support WS-Federation to enable web browser clients. These STS’s are also referred to as a Passive STS.
Creating Information Cards
Zermatt includes classes that you can use to create Information Cards - as well as STS’s that support them.
The framework builds on several WS-* standards like WS-MetadataExchange, WS-Policy, WS-Trust etc. and uses Windows CardSpace. The framework is interoperable with other popular web service stacks and also comes with UI widgets and a plumbing to make developing secure single-sign-on applications in ASP.net very simple.
Ian Culling, Andy Powell & Lee Cunningham Dec 11, 2013