All About the Geneva Framework

I’ve had a lot of folks ask me about Geneva lately. This post provides a quick summary of the different places I’ve looked to find out more about the Geneva Framework and Microsoft’s story for building claims-based WCF services.

Please let me know if you have more suggestions for good content on the topic. I’m a big fan of Michele Bustamante’s writing style, so you’ll notice there are a couple of articles here from her. You can always check her out at

Here’s a quick summary of the story around Geneva:


"Geneva" Claims Based Access Platform

"Geneva" helps simplify access to applications and other systems with an open and interoperable claims-based model.

For developers: "Geneva" helps simplify user access for developers by externalizing access logic from applications via claims, and reducing development effort with pre-built security logic and integrated .NET tools.

For IT professionals: "Geneva" helps IT efficiently deploy and manage new applications by reducing custom implementation work, consolidating access management in the hands of IT, helping establish a consistent security model, and facilitating seamless collaboration between organizations with automated federation tools.

For information workers and consumers: Users can benefit from help navigating logins, managing different personas, and controlling how personal information is shared.

  • "Geneva" includes built-in interoperability via open industry standards and claims, and implements the industry Identity Metasystem vision for open and interoperable identity.
  • "Geneva" includes three components for enabling claims-based access. Beta 1 of the following components are now available for public evaluation:
      • "Geneva" Framework for building .NET applications that use claims to make user access decisions
      • "Geneva" Server security token service (STS) for issuing and transforming claims, enabling federations, and managing user access
      • Windows CardSpace "Geneva" for helping users navigate access decisions and for developers to build customer authentication experiences for users

Here are some great resources for reading up on Geneva:


WCF and claims-based security in Keith Brown’s Security Briefs column published in September 2007.

Windows CardSpace in "Identity: Secure Your ASP.NET Apps and WCF Services with Windows CardSpace".

Geneva Framework white paper for developers written by Keith Brown and Sesha Mani.

This link contains a brief overview of Geneva and 3 different .pdf documents to download. This will provide you with an overview of the features in the Geneva Framework, as well as some background on claims-based security concepts, and explain how to enable these features in ASP.NET applications and WCF services, with an emphasis on the former.

Geneva Framework – Building A Custom Security Token Service by Michele Leroux Bustamante

Geneva Framework - A Better Approach For Building Claims-Based WCF Services by Michele Leroux Bustamante

History - formerly called "Zermatt."


  • Plumbing to build a custom Security Token Service (STS)
  • A mechanism to require federated authentication from ASP.NET applications
  • An object model that facilitates claims-based authorization for ASP.NET applications and Windows Communication Foundation (WCF) services.
  • Support for Windows CardSpace such as managed information card issuance and ASP.NET controls that simplify the creation of a Windows CardSpace login experience.

Geneva Framework spans the breadth of security features, but at its core is claims-based security. It is the new framework for building claims-based applications and services, and for implementing federated security scenarios.

WCF has always had native support for a claims-based security model.

The Geneva Framework:

  • Enhances and simplifies access to claims at run time.
  • Provides a mechanism to support claims-based authorization in a manner that is consistent with the role-based authorization principals already available in the Microsoft .NET Framework.

Thanks for checking out this post!

Cheers, Murray

Murray Gordon, ISV Architect Evangelist, Microsoft Corporation