Movatterモバイル変換

[0]ホーム

Jump to content

Windows CardSpace

Edit links

From Wikipedia, the free encyclopedia

Discontinued identity selector app by Microsoft

This article includes a list ofgeneral references, butit lacks sufficient correspondinginline citations. Please help toimprove this article byintroducing more precise citations.(July 2011) (Learn how and when to remove this message)

Windows CardSpace

The Windows CardSpace user interface, showing card creation template example
Developer	Microsoft
Operating system	Microsoft Windows
Successor	U-Prove
Service name	Windows CardSpace (idsvc)
Type	Identity management system

Windows CardSpace (codenamedInfoCard) is a discontinuedidentity selector app byMicrosoft. It stores references todigital identities of the users, presenting them as visualinformation cards. CardSpace provides a consistentUI designed to help people to easily and securely use these identities in applications and web sites where they are accepted. Resistance tophishing attacks and adherence toKim Cameron's "7 Laws of Identity"^[1] were goals in its design.^[2]

CardSpace is a built-in component ofWindows 7 andWindows Vista, and has been made available forWindows XP andWindows Server 2003 as part of the.NET Framework 3.x package.

Overview

[edit]

When aninformation card-enabled application or website wishes to obtain information about theuser, it requests a particular set of claims. The CardSpace UI then appears, switching the display to the CardSpace service, which displays the user's stored identities as visual cards. The user selects a card to use, and the CardSpace software contacts the issuer of the identity to obtain adigitally signed XML token that contains the requested information. CardSpace also allows users to createpersonal (also known asself-issued) information cards, which can contain one or more of 14 fields of identity information such as full name and address. Other transactions may require amanaged information card; these are issued by a third-partyidentity provider that makes the claims on the person's behalf, such as a bank, employer, or a government agency.

Windows CardSpace is built on top of theWeb services protocol stack, an open set of XML-based protocols, includingWS-Security,WS-Trust,WS-MetadataExchange andWS-SecurityPolicy. This means that any technology or platform that supports these protocols can integrate with CardSpace. To accept information cards, aweb developer needs to declare anHTML<OBJECT> tag that specifies the claims the website is demanding and implement code to decrypt the returned token and extract the claim values. If an identity provider wants to issue tokens, it must provide a means by which a user can obtain a managed card and provide aSecurity Token Service (STS) which handlesWS-Trust requests and returns an appropriate encrypted and signed token. During the 2000s, identity providers that didn't wish to build STS could obtain one from a variety of vendors, includingPingIdentity,BMC,Sun Microsystems,Microsoft, orSiemens.

Because CardSpace and the identity metasystem upon which it is based are token-format-agnostic, CardSpace did not compete directly with other Internet identity architectures likeOpenID andSAML. These three approaches to identity can be seen as complementary,^[3] because during the 2000s, information cards could be used today for signing into OpenID providers,Windows Live ID accounts, and SAML identity providers.

IBM andNovell planned to support^[4] theHiggins trust framework to provide a development framework that includes support for information cards and the Web services protocol stack, thus including CardSpace within a broader, extensible framework also supporting other identity-related technologies, such asSAML andOpenID.

Release

[edit]

Microsoft initially shipped Windows CardSpace with the.NET Framework 3.0, which runs onWindows XP,Windows Server 2003, andWindows Vista. It is installed by default on Windows Vista as well asWindows 7 and is available as a free download for XP and Server 2003 viaWindows Update. An updated version of CardSpace shipped with the.NET Framework 3.5. The new Credential Manager in Windows 7 uses Windows CardSpace for the management and storage of saved user credentials.^[5]

Discontinuation

[edit]

On February 15, 2011, Microsoft announced that Windows CardSpace 2.0 would not be shipped.^[6] Microsoft later worked on a replacement calledU-Prove.^[7]

References

[edit]

^Cameron, Kim (2005-05-01)."The Laws of Identity".MSDN.Microsoft. Retrieved2010-12-13.
^Cameron, Kim; Jones, Michael B. (January 2006)."Design Rationale behind the Identity Metasystem Architecture"(PDF). Retrieved2010-12-13.
^Ernst, Johannes (January 24, 2006)."Three Digital Identity Standards". Archived fromthe original on August 9, 2011.
^"Open Source Initiative to Give People More Control Over Their Personal Online Information".News room.IBM. February 27, 2006. Archived fromthe original on March 14, 2006.
^"Windows 7 new features".TechNet.Microsoft. February 3, 2009. RetrievedMarch 30, 2018.
^"Beyond Windows CardSpace".Claims-Based Identity Blog.Microsoft. 15 February 2011. Archived fromthe original on 12 July 2012. Retrieved23 July 2011.
^"U-Prove Home".Connect.Microsoft. Archived fromthe original on July 14, 2011. RetrievedJuly 23, 2011.

External links

[edit]

Software development

Windows CardSpace on .NET Framework documentation site – Developer articles and technical documentation on Windows CardSpace
Microsoft Information Card Kit for ASP.NET 2.0 – ASP.NETRelying Party (RP) code to support CardSpace
Microsoft Information Card Kit for HTML – platform-independent JavaScript and CSS code that detects if the client can use i-cards and provides the corresponding UI support
Open sourceRuby RP code for accepting information cards
Open sourceJava RP code for accepting information cards
Open sourceC and PHP^{[permanent dead link]} RP code for accepting cards
Open sourceC RP code for accepting information cards andSTS code for managed i-cards
Open sourcePHP Archived 2007-11-12 at theWayback Machine Security Token Service code for managed cards
Open sourceC#Archived 2013-06-16 at theWayback Machine STS code for managed information cards

Identity selectors

Digital Me Archived 2012-01-13 at theWayback Machine – an open-source Identity Selector forLinux andMac OS X
A plug-in Archived 2006-11-07 at theWayback Machine for Apple'sSafari implementing an Information Card identity selector
A plug-in forFirefox to activate CardSpace and other identity selectors

Blogs

Kim Cameron's Identity Weblog – Blog from Microsoft's architect for identity
Mike Jones: Self-Issued – Blog on CardSpace, cards, and digital identity from Microsoft's Director of Identity Partnerships
Vittorio Bertocci (archived) – Blog on designing and developing with CardSpace from Microsoft's architect evangelist for Windows Server 2008
Claim-Based Identity Blog (archived) – Blog on CardSpace from its development team

Implementations

Decompilers	.NET Reflector dotPeek
Obfuscators	Dotfuscator SmartAssembly
CLR Profiler ILAsm .NET Compiler Platform Native Image Generator (NGen) XAMLPad

IDEs

Organizations

Microsoft development tools

Development
environments

Visual Studio	Code Express Team System Profiler Tools for Applications Tools for Office
Others	Blend Expression Web FxCop GW-BASIC MACRO-80 Macro Assembler MSBuild Pascal QuickBASIC QBasic QuickC Robotics Developer Studio Roslyn SharePoint Designer FrontPage Small Basic WebMatrix Windows App SDK Windows App Studio Windows SDK CLR Profiler ILAsm Native Image Generator WinDiff XAMLPad

Languages

Dynamics AX
BASIC
Visual Basic
- legacy
- VB.NET
- VBA
- VBScript
Bosque
Visual C++
- C++/CX
- C++/CLI
- Managed C++
- C++/WinRT
C#
C/AL
Dafny
Dexterity
F#
F*
Visual FoxPro
Java
- J++
- J#
JavaScript
- TypeScript
- JScript
IronPython
IronRuby
Lean
P
Power Fx
PowerShell
Project Verona
Q#
Small Basic
VPL
XAML

APIs and
frameworks

Native	Windows API Silverlight XNA DirectX Managed DirectX UWP Xbox Development Kit Windows Installer WinUI
.NET	ASP.NET Core AJAX Dynamic Data MVC Razor Web Forms ADO.NET Entity Framework MAUI CardSpace Communication Foundation Identity Foundation LINQ Presentation Foundation Workflow Foundation
Device drivers	WDK WDF KMDF UMDF Windows HLK WDM

Database

SQL Server	Express Compact Management Studio MSDE
SQL services	Analysis Reporting Integration Notification
Other	Visual FoxPro Microsoft Access Access Database Engine Extensible Storage Engine

Source control

Testing and
debugging

Delivery

Category

v t e Microsoft APIs and frameworks
Graphics and UI	Desktop Window Manager Direct2D Direct3D D3D (extensions) GDI / GDI+ WPF Silverlight WinUI Windows Color System Windows Image Acquisition Windows Imaging Component DirectX Graphics Infrastructure (DXGI) Windows Advanced Rasterization Platform WinG
Audio	DirectMusic DirectSound XACT Speech API XAudio2
Multimedia	DirectX Media Objects Video Acceleration Xinput DirectInput DirectShow Managed DirectX Media Foundation XNA Windows Media Video for Windows
Web	MSHTML JScript VBScript BHO XDR SideBar Gadgets TypeScript
Data access	Data Access Components (MDAC) ADO ADO.NET ODBC OLE DB Extensible Storage Engine Entity Framework Sync Framework Access Database Engine MSXML OPC
Networking	Winsock LSP Winsock Kernel Filtering Platform NDIS Windows Rally BITS P2P API MSMQ DirectPlay
Communication	Messaging API Telephony API WCF
Administration and management	Win32 console Windows Script Host WMI (extensions) PowerShell Task Scheduler Offline Files Shadow Copy Windows Installer Error Reporting Event Log Common Log File System
Component model	COM COM+ ActiveX Distributed Component Object Model .NET Framework
Libraries	Framework Class Library Microsoft Foundation Classes (MFC) Active Template Library (ATL) Windows Template Library (WTL)
Device drivers	WDM WDF KMDF UMDF WDDM NDIS UAA VxD
Security	Crypto API CAPICOM Windows CardSpace Data Protection API Security Support Provider Interface (SSPI)
.NET	ASP.NET ADO.NET Remoting Silverlight TPL WCF WCS WPF WF
Software factories	Enterprise Library CCF
IPC	MSRPC Dynamic Data Exchange (DDE) Remoting WCF
Accessibility	Active Accessibility UI Automation
Text and multilingual support	DirectWrite Text Services Framework Text Object Model Input method editor Language Interface Pack Multilingual User Interface Uniscribe

Microsoft Windows components

Management
tools

Security

Compatibility

API

Games

Solitaire Collection
Surf

Discontinued

Games	3D Pinball Chess Titans FreeCell Hearts Hold 'Em InkBall Purble Place Solitaire Spider Solitaire Tinker
Apps	ActiveMovie Address Book Anytime Upgrade Backup and Restore Cardfile CardSpace CD Player Chat Contacts Cortana Desktop Gadgets Diagnostics DriveSpace DVD Maker Easy Transfer Edge Legacy Fax Food & Drink Groove Music Health & Fitness Help and Support Center HyperTerminal Imaging Internet Explorer Journal Make Compatible Maps Media Center Meeting Space Messaging Messenger Mobile Device Center Movie Maker MSN Dial-Up NetMeeting NTBackup Outlook Express Paint 3D Pay Phone Companion Photo Gallery Photo Viewer Program Manager Skype Sports Start Steps Recorder Syskey Tips Travel WinHelp WordPad Write
Others	Desktop Cleanup Wizard File Protection Games for Windows HPFS Interix Media Control Interface MS-DOS 7 Next-Generation Secure Computing Base POSIX subsystem ScanDisk Video for Windows Virtual DOS machine Windows on Windows Windows Services for UNIX Windows SideShow Windows System Assessment Tool Windows To Go WinFS