IAM in TwC

I attended 2006 Microsoft EE & TwC Forum recently and tried to find out if there is any relationship between IAM and TwC. It is interesting that TwC (Trustworthy Computing) has Identity and Access Control as a grand child.

At top level, TwC has four children, referred as 4 pillars:

1. Security

2. Privacy

3. Reliability

4. Business Practices

At next level, the Security pillar in TwC has three children, known as 3 elements:

1. Fundamentals

2. Threat and Vulnerability Mitigation

3. Identity and Access Control

Finally, IAC (Identity and Access Control) itself has 3 parts:

1. Trustworthy Identity: Strong Authentication and Credential Management (https://download.microsoft.com/download/9/e/2/9e206d8a-37a2-4c17-a6df-ef1e82ce37f4/TrustworthyID.doc)

2. Access Policy Management: Authorizing for Access (https://download.microsoft.com/download/e/e/4/ee4eb053-31bf-4180-96a5-91866e43ee6c/AccessPolicyMgt.doc)

3. Information Protection (https://download.microsoft.com/download/2/b/d/2bdcaef5-865f-46f0-a555-cb6ce5c6bd0e/information_protection.doc)

The forum content (such as Microsoft's 10 year authentication and authorization strategies) may be confidential and not available for public yet. But above docs should provide you enough readings about IAM in TwC.