Claims Enabling and Claims Relying Technologies

This topic provides a quick view of claims enabling and claims relying technologies. Claims enabling technologies provide the means to support claims mechanisms, such as protocol implementation, token parsing, storage, validation, transformation, and object models. Claims relying technologies make use of the claims enabling technologies.

Claims Enabling Technologies

Technology

Description

AD FS

Active Directory Federation Services (AD FS) 2.0 provides support for claims-aware identity solutions that involve Windows Server® and Active Directory technology. AD FS 2.0 supports the WS-Trust, WS-Federation, and Security Assertion Markup Language (SAML) protocols.

AD FS's key component is a Security Token Service (STS) that issues security tokens upon successful authentication. The security token carries information retrieved from AD and other attribute stores such as SQL Server; this information is referred to as claims. AD FS enables Web SSO and partner federated authentication scenarios. AD FS is a product that provides its functionality to IT pros mainly through configuration. To extend AD FS functionality, such as custom login pages and custom attribute stores, developers can use the AD FS SDK. AD FS integrates with major industry products; read more in AD FS 2.0 Step-by-Step and How To Guides.

Windows Server 2012 DAC

Dynamic Access Control (DAC) lets you identify data by using automatic and manual classification of files, control access to files by applying policies that use central access policies, audit access to files by using central audit policies for compliance reporting and forensic analysis, and apply Rights Management Services (RMS) protection by using automatic RMS encryption for sensitive Microsoft Office documents. Read more here.

WIF

Windows Identity Foundation (WIF) is the claims technology that developers use when implementing claims-aware applications and components. WIF's key functionality includes protocol handling (such as WS-Federation and WS-Trust) and token validation and parsing (such as SAML tokens). Read more in Windows Identity Foundation 4.5 Overview.

Windows Azure Active Directory (AD) ACS

Windows Azure Active Directory Access Control Service (WA AD ACS) is a cloud-based Security Token Service (STS). ACS federates with corporate identity providers such as AD FS and with Internet identity providers such as Windows Live ID, Facebook, Google, Yahoo! and any OpenID 2.0 identity provider. WA AD ACS enables SSO for cloud scenarios. Read more here.


Claims Relying Technologies

Technology

Description

Office 365

Office 365 provides anywhere access to cloud-based email, web conferencing, file sharing and Office apps at a low predictable monthly cost. Office 365 uses claims-based authentication when offering access to corporate users through AD FS. Read more in Office 365 With Federated Authentication, Identities In Active Directory 

SharePoint 2010 and SharePoint 2013 Preview

Microsoft SharePoint 2010 and SharePoint 2013 Preview support claims-based authentication and authorization. Read more in Getting Started with Security and Claims-Based Identity Model

Dynamics CRM 2011

Microsoft Dynamics CRM 2011 supports claims-based authentication and authorization. Read more in Configuring Claims-based Authentication for Microsoft Dynamics CRM 2011

.NET Apps

Developers can implement claims-based authentication and authorization in their applications developed using .NET. Read more in Windows Azure Active Directory Solutions For Developers

Windows 8-style Apps

Developers can implement claims-based authentication and authorization in their Windows 8-style applications developed using WinRT. More info here

Windows Azure Service Bus

Windows Azure Service Bus is a cloud messaging and connectivity technology that relies on Windows Azure Active Directory (WA AD) Access Control Service (ACS) for authorization. Read more in Windows Azure AppFabric Service Bus With Federated Authentication Using ACS

Windows Azure Cache

Windows Azure Cache relies on Windows Azure Active Directory (WA AD) Access Control Service (ACS) for its authentication needs. Read more in Windows Azure Cache With Federated Authentication Using ACS

AD RMS

In AD RMS, rights can be assigned to users who have federated trust through Active Directory Federation Services (AD FS). This enables an organization to share access to rights-protected content with another organization without having to establish a separate Active Directory trust or AD RMS infrastructure. Read more in Federating AD RMS


Comments
  • Joe Davies edited Revision 9. Comment: Added SharePoint 2013 Preview and updated various product names

  • What about Office 365?

  • nzpcmad1,

    Good catch! Adding it now.
