By using technology known as Digital ID World Conference here., individuals in an organization could grant access to outsiders without having to involve the IT department, Kim Cameron, identity and access architect at Microsoft, said in a presentation Wednesday at the
"The main role of information cards in the enterprise is to devolve access control to the resource owners," Cameron said. "Setting access control policies becomes a naturalistic and intuitive and visual process."
With today's systems, granting a third party access to a corporate resource has become fraught with red tape, stifling business, Cameron argued. With CardSpace, owners of certain information resources at an organization can easily unlock those to specific outsiders by making their own risk assessment, he said.
"My belief is that trust is local," Cameron said. "Make the granting of access easy enough so that users can do it, albeit under adult supervision."
Layers of bureaucracy have arisen from the lack of efficiencies in today's identity management technologies, Cameron said. Typically, any kind of access control is handled by a specific department in an enterprise because the technology is very complex, he said.
"Business people can't actually do directly the kinds of things that they want because it is too hard," Cameron said. "If we continue to organize this by doing it all in a centralized, bureaucratic way, then you end up with solutions that are increasingly complex."
CardSpace is a component of the Microsoft .NET Framework version 3.0, which was formerly called WinFX. Microsoft has been promoting the technology as a way to make using digital identities easier and safer andas the means of verifying identity on the Internet.
Microsoft envisions the use of CardSpace and granting access in Windows Vista to be as simple as using a Word processor. Vista, the successor to Windows XP, is due to be.
"Nowadays nobody has to go and learn how to do word processing; everybody knows how to do it. That is the kind of approach that will allow us to really have secure controlled access that works for business purposes," Cameron said.