
OpenID - PowerPoint PPT Presentation



OpenID. And the Future of Digital Identity Alicia Bozyk April 1, 2008. Introduction. Identity 1.0. Identity happens in silos Closed and complex. Identity 2.0 is a way for users to have one identity that can be used in multiple places

Presentation Transcript

OpenID

And the Future of Digital Identity

Alicia Bozyk

April 1, 2008


Introduction

Identity 1.0

  • Identity happens in silos

  • Closed and complex


Introduction

Identity 2.0

Identity 2.0 is a way for users to have one identity that can be used in multiple places on the web.

Must Be:

  • Simple

  • Scalable

  • Flexible


Technologies

  • OpenID

  • Windows CardSpace


OpenID

  • OpenID is a decentralized single sign on service.

  • Managed by the OpenID Foundation

  • General Principles:

    • simple, modular, free, and further extensible

  • Provides the verification of a user's identity from an identity provider to a relying party


OpenID

What is an OpenID?

  • URI/XRI identifier that is used to find the OpenID Identity Provider for a user

  • An example identifier is:

    http://alicia.myopenid.com


OpenID

Yadis Capability Document


OpenID

Authentication

  • user initiates authentication by supplying an identifier to a relying party

  • relying party performs discovery and determines the endpoint URL to request authentication from

  • relying party and identity provider establish a shared secret through the use of the Diffie-Hellman key exchange, and sign all of the following messages with this key

  • relying party requests authentication for the user

  • identity provider determines whether the end user is authorized to perform OpenID authentication and wishes to do so; the identity provider then returns an assertion that authentication either is approved or has failed

  • relying party verifies the information received from the provider by checking the return URL, verifying the discovered information, checking a nonce, and verifying the signature using the established shared key
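The relying party's verification step from the last bullet, as an added example that is not part of the original presentation. It assumes OpenID 2.0 field names (`openid.signed`, `openid.sig`, `openid.response_nonce`), an HMAC-SHA256 association, and an in-memory nonce cache; the key, URLs (other than the identifier from the earlier slide) and nonce are constructed sample values.

```python
import base64, hashlib, hmac
from datetime import datetime, timedelta, timezone

SEEN = set()                    # demo replay cache (assumption: shared storage in production)
MAX_AGE = timedelta(minutes=5)  # assumed acceptance window for nonce timestamps
REQUIRED = {"op_endpoint", "return_to", "response_nonce", "assoc_handle"}

def sign(fields, signed, mac_key):
    # HMAC over the key-value form: one "key:value" line per signed field, in list order
    kv = "".join(f"{k}:{fields['openid.' + k]}\n" for k in signed)
    return base64.b64encode(hmac.new(mac_key, kv.encode(), hashlib.sha256).digest()).decode()

def verify(fields, mac_key, return_to, endpoint, now):
    """Return 'ok' or the reason the assertion is rejected."""
    if fields.get("openid.mode") != "id_res":
        return "not a positive assertion"
    if fields.get("openid.return_to") != return_to:
        return "return URL mismatch"
    if fields.get("openid.op_endpoint") != endpoint:
        return "endpoint differs from discovery"
    nonce = fields.get("openid.response_nonce", "")
    try:  # nonce = UTC timestamp followed by provider-chosen unique characters
        ts = datetime.strptime(nonce[:20], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    except ValueError:
        return "malformed nonce"
    if abs(now - ts) > MAX_AGE or (endpoint, nonce) in SEEN:
        return "stale or replayed nonce"
    signed = fields.get("openid.signed", "").split(",")
    must_sign = REQUIRED | {n for n in ("claimed_id", "identity") if "openid." + n in fields}
    if not must_sign <= set(signed) or any("openid." + k not in fields for k in signed):
        return "required field not signed"
    sig = fields.get("openid.sig", "").encode()
    if not hmac.compare_digest(sign(fields, signed, mac_key).encode(), sig):
        return "bad signature"
    SEEN.add((endpoint, nonce))  # burn the nonce only after the MAC checks out
    return "ok"

def demo():
    key = b"constructed-mac-key-from-association"
    now = datetime(2008, 4, 1, 12, 0, 30, tzinfo=timezone.utc)
    rp, op = "https://rp.example/return", "https://op.example/server"
    msg = {"openid.mode": "id_res", "openid.op_endpoint": op, "openid.return_to": rp,
           "openid.claimed_id": "http://alicia.myopenid.com",
           "openid.identity": "http://alicia.myopenid.com",
           "openid.response_nonce": "2008-04-01T12:00:00Zx7Qp", "openid.assoc_handle": "h1",
           "openid.signed": "op_endpoint,return_to,response_nonce,assoc_handle,claimed_id,identity"}
    msg["openid.sig"] = sign(msg, msg["openid.signed"].split(","), key)
    forged = dict(msg, **{"openid.claimed_id": "http://someone-else.example"})
    return [verify(forged, key, rp, op, now), verify(msg, key, rp, op, now),
            verify(msg, key, rp, op, now)]
```

`demo()` checks a tampered assertion, the genuine one, and a replay of the genuine one, in that order.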


OpenID

Strengths:

  • Decentralized and Portable

  • Easily Controlled and Managed by User

  • Lightweight

Weaknesses:

  • Phishing

  • Windows Only


Windows CardSpace

  • Identity Metasystem

    • Information Cards

Goals:

  • A way to represent identities using claims

  • A means for identity providers, relying parties, and subjects to negotiate

  • An encapsulating protocol to obtain claims and requirements

  • A means to bridge technology and organizational boundaries using claims transformation

  • A consistent user experience across multiple contexts, technologies, and operators


CardSpace

Strengths:

  • Consistent User Interface

  • Security – uses SAML

Weaknesses:

  • Portability

  • Security – physical

  • Windows Only


Conclusions

  • OpenID is the next step in managing digital identity

  • OpenID is better than other solutions since it is decentralized, free, an open standard, and is gaining momentum in the online community

  • OpenID helps break the boundaries between web applications


