Feeds

Microsoft lines up with the good guys on identity tech

Brands and Cameron pitch the fix for government's Big ID problem

Choosing a cloud hosting partner with confidence

Dr Brands is evidently delighted about the U-Prove sale, which had been under discussion for two years. "There is no industry player around I believe in as much as Microsoft with regard to its commitment to build security and privacy into IT systems and applications," he says. He points to Microsoft's existing presence throughout the target markets for ID and access management, and its influence both on the client and server side of the application. "It is easy to say why this is a perfect match."

Mr Cameron sees U-Prove's minimal disclosure tokens as base features of emerging identity platforms which will lead to the safest possible Internet: "I don't think the point here is ultimately to make a dollar. It's about building a system of identity that can withstand the ravages that the Internet will unleash. That will be worth billions." He looks forward to good privacy practice becoming one of the norms of e-commerce.

The prospect is that Brands' minimal disclosure tokens, with their properties of selective disclosure, unlinkability, and powerful revocation capabilities, will be built with half a dozen man-years' development effort into the Windows Cardspace user interface arising from Mr Cameron's work, and also into the underlying Windows Communication Foundation.

If U-Prove is available in WCF that makes it available to any applications on the Windows platform. U-Prove is also covered by Microsoft's (not wholly uncontroversial) Open Specification Promise.

MS as ID standards hero?

Now that the world knows it is Microsoft – instead of a Nokia, Google or IBM – that has acquired Dr Brands' patents there is concern on just how U-Prove will be used competitively. A statesmanlike market leader can afford the view that a safe online world for all is prerequisite for the health of their future market. But Microsoft has a history as an inveterate playground bully that rivals don't easily forget.

Mr Cameron protests that times have changed: "I can guarantee everyone that I have zero intention of hoarding minimal disclosure tokens or turning U-Prove into a proprietary Microsoft technology silo. Like, it's 2008, right? Give me a break, guys!" Dr Brands echoes the point: "It's very clear to me that's not why the people who pushed for the deal wanted to do this."

The outstanding question is how well the undoubted intentions and integrity of both men will stand up to the residual primitive and exploitative tendencies that still reside in large parts of Microsoft.

So, why is this acquisition so important for us in the UK?

It's not just about general cybercrime and data losses, although the UK suffers from that as much as anywhere. It's about the broad thrust of government IT plans. The UK's "Transformational Government" public-sector IT strategy is written and implemented by people who have yet to take a privacy-friendly approach to single sign-on and data sharing. And they've managed to marginalise the very small number of people inside government who appreciate Dr Brands' work.

To say the acquisition is important to UK government is not to say that Whitehall should now buy more Microsoft products – indeed part of the problem was that Tony Blair was seduced by Bill Gates, and Whitehall was locked by Microsoft into a Hailstorm-era way of thinking with its central authentication and health services. When Scott McNealy pointed out the dangers of Hailstorm UK e-Envoy Andrew Pinder scornfully and publicly retorted that the Sun boss was simply jealous that Bill Gates' firm was bigger and more successful than his.

Security for virtualized datacentres

More from The Register

next story
Ex-US Navy fighter pilot MIT prof: Drones beat humans - I should know
'Missy' Cummings on UAVs, smartcars and dying from boredom
Facebook, Apple: LADIES! Why not FREEZE your EGGS? It's on the company!
No biological clockwatching when you work in Silicon Valley
The 'fun-nification' of computer education – good idea?
Compulsory code schools, luvvies love it, but what about Maths and Physics?
Doctor Who's Flatline: Cool monsters, yes, but utterly limp subplots
We know what the Doctor does, stop going on about it already
'Cowardly, venomous trolls' threatened with TWO-YEAR sentences for menacing posts
UK government: 'Taking a stand against a baying cyber-mob'
Happiness economics is bollocks. Oh, UK.gov just adopted it? Er ...
Opportunity doesn't knock; it costs us instead
Sysadmin with EBOLA? Gartner's issued advice to debug your biz
Start hoarding cleaning supplies, analyst firm says, and assume your team will scatter
Don't bother telling people if you lose their data, say Euro bods
You read that right – with the proviso that it's encrypted
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Three 1TB solid state scorchers up for grabs
Big SSDs can be expensive but think big and think free because you could be the lucky winner of one of three 1TB Samsung SSD 840 EVO drives that we’re giving away worth over £300 apiece.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.