A Guide to Claims-Based Identity and Access Control: claims provide an innovative approach for building applications that authenticate and authorize users. Imagine a world where you don't have to worry about authentication. Imagine instead that all requests to your application already include the information you need to make access control decisions and to personalize the application for the user (a citizen accessing public services).  

In this world, your applications can trust another system component to securely provide user information, such as the user's name or e-mail address, a case manager's e-mail address, or even a procurement authorization limit or access to a health care record. The user's information always arrives in the same simple format, regardless of the authentication mechanism, even if someone in charge of your security policy changes how users authenticate, you still get the information, and it's always in the same format.

Learn more: http://msdn.microsoft.com/en-us/library/ff423674.aspx

Codeplex: http://claimsid.codeplex.com/