Nice article by Sebastian Iacomuzzi: Intro to ZZermatt.
Zermatt is a set of .NET Framework classes. It is a framework for implementing claims-based identity in your applications.
When you build claims-aware applications, the user presents an identity to your application as a set of claims. One claim could be the user’s name, another might be an e-mail address. The idea here is that an external identity system is configured to give your application everything it needs to know about the user with each request she makes, along with cryptographic assurance that the identity data you receive comes from a trusted source.