In order to use CardSpace in business environments, compliance requirements enforce the use of a Security Token Service. Within an innovation project T-Systems implemented a Security Token Service that fulfils different business needs such as self services, instant roll-out for external employees, different authentication mechanisms for different levels of security, support of already rolled out smart cards and mobile phones as user credential.
A live demonstration shows business scenarios where different types of users interact, federate identities and also use the mobile phone for authentication. All benefits of such a user centric solution based on a Security Token Service for CardSpace are directly made visible. Additionally key concepts of a Security Token Service as well as lessons learned during the implementation are illustrated.