I’ve had a lot of folks ask me about Geneva lately. This post provides a quick summary of the different places I’ve looked to find out more about The Geneva Framework and Microsoft’s story for building claims-based WCF services.
Please let me know if you have more suggestions for good content on the topic. I’m a big fan of Michele Bustamante’s writing style, so you’ll notice there are a couple of articles here from her. You can always check her out at http://www.dasblonde.net/
Here’s a quick summary of the story around Geneva:
| "Geneva" Claims Based Access Platform

"Geneva" helps simplify access to applications and other systems with an open and interoperable claims-based model.

For developers: "Geneva" helps simplify user access for developers by externalizing access logic from applications via claims, and reducing development effort with pre-built security logic and integrated .NET tools.

For IT professionals: "Geneva" helps IT efficiently deploy and manage new applications by reducing custom implementation work, consolidating access management in the hands of IT, helping establish a consistent security model, and facilitating seamless collaboration between organizations with automated federation tools.

For information workers and consumers: Users can benefit from help navigating logins, managing different personas, and controlling how personal information is shared.

- "Geneva" includes built-in interoperability via open industry standards and claims, and implements the industry Identity Metasystem vision for open and interoperable identity.
- "Geneva" includes three components for enabling claims-based access. Beta 1 of the following components are now available for public evaluation:
  - "Geneva" Framework for building .NET applications that use claims to make user access decisions
  - "Geneva" Server security token service (STS) for issuing and transforming claims, enabling federations, and managing user access
  - Windows CardSpace "Geneva" for helping users navigate access decisions and for developers to build customer authentication experiences for users
|
Here are some great resources for reading up on Geneva:
History - formerly called "Zermatt."
Features:
- Plumbing to build a custom Security Token Service (STS)
- A mechanism to require federated authentication from ASP.NET applications
- An object model that facilitates claims-based authorization for ASP.NET applications and Windows Communication Foundation (WCF) services.
- Support for Windows CardSpace such as managed information card issuance and ASP.NET controls that simplify the creation of a Windows CardSpace login experience.
Geneva Framework spans the breadth of security features, but at its core is claims-based security. It is the new framework for building claims-based applications and services, and for implementing federated security scenarios.
WCF has always had native support for a claims-based security model.
The Geneva Framework:
- Enhances and simplifies access to claims at run time.
- Provides a mechanism to support claims-based authorization in a manner that is consistent with the role-based authorization principals already available in the Microsoft .NET Framework.
Thanks for checking out this post!