Microsoft and Sun have agreed to a single sign-on specification to ease cross-platform identity management. They also promised to improve inter-operability of .Net and Java.

The announcement, made by CEOs Steve Ballmer and Scott McNealy, comes one year after the two companies agreed to settle a lengthy anti-trust legal battle. The settlement included a $2 billion payment by Microsoft to Sun and a 10-year agreement to improve inter-operability between the companies' systems.

"We've integrated the security environment," said Ballmer, "enabling you to essentially form an integrated view of users, security and IDs between the Sun world and the Microsoft world. That's a very important piece of work that we have done in the first 12 months."

The companies jointly developed single sign-on specifications for both .Net and Sun's Java Enterprise System environment that work within a company's firewalls and with suppliers and partners.

Microsoft and Sun also said they are jointly developing software for managing the systems of both companies from a single console and working to improve the ability of Sun's Sun Ray thin-client system to work with Microsoft products. "You have Solaris and Windows playing nice - in unique and quite unexpected ways across the board," said McNealy.

The two companies also formed an IT advisory board that includes Fred Killeen, director of systems development and chief technology officer at General Motors' Information Systems and Services organisation.

GM, which has one million users across the globe, is a heavy user of Solaris and Windows systems, Killeen said. The automaker uses Microsoft desktops that authenticate users to Active Directory, but it also has a user portal environment called Socrates that uses Sun's portal products and directory in the back end.

The Microsoft and Sun effort will "enable us to have an end-to-end authentication for the users," he said. Such authentication is important because "it will take out a significant amount of the complexity in our current environment," said Killeen. "We will have fewer passwords, we will have fewer calls to our help desk, so we expect that we will reduce the complexity and the cost. So this is really a big deal for us," he said.

The single sign-on draft specs, called Web Single Sign-On Metadata Exchange Protocol and Web Single Sign-On Interoperability Profile, will be submitted to an as-yet-unidentified standards body and will likely be included in next year's product releases.