Post on 06-May-2015
description
transcript
David Orrell, Eduserv Foundationdavid.orrell@eduserv.org.uk
www.eduserv.org.uk/foundation
OpenID:An Identity System for the Open Web
Online Information, December 2008
2ALT-C 2008 Sponsor Session
September 2008
OpenID: What is it?
Identities: Trusted vs trusted.
Activities: Formal vs informal.
Usage scenarios.
3ALT-C 2008 Sponsor Session
September 2008
Uses of online identity
• Control access to ‘known’ users or subscribers.– Depends on claims asserted by trusted party.
• Personalisation– Depends on self-asserted claims by user.
• Common presence across services.– Depends on universal identifier – with consent of user.
4ALT-C 2008 Sponsor Session
September 2008
• Defines globally unique identifiers for users.
• They're URLs...
http://dno.myopenid.com
http://openid.eduserv.org.uk/dno
5ALT-C 2008 Sponsor Session
September 2008
• A mechanism to verify the URL ‘belongs to’ its bearer.
• User chooses provider to hold their profile and check credentials.
• That's it! Almost.
Who are you?
(1)
http://dno.myopenid.com
OpenID (Identity) Provider
(2)
(3)Verification
+ attribute exchange (optional)
9ALT-C 2008 Sponsor Session
September 2008
Who's using it?
Estimated over 250 million identities!
You've probably already got one!
BBC AOL Google Yahoo Flickr
Microsoft MySpace Orange Verisign
10ALT-C 2008 Sponsor Session
September 2008
• Shibboleth– Credentials ‘owned’ by issuing organisation (eg.
University, workplace).
– Exist for duration of study, employment etc.
– Trusted claims.
– Federations with well-defined boundaries.
• OpenID– Credentials ‘owned’ by user.
– Exist for sustained period.
– Untrusted claims.
Learning/research
Mobileaccess
Collaboration
Lifelong-learning/alumni
Shibboleth
Managed Information Cards
Trust Federations
Assessment
Subscription resources
Campus services
Library services
BloggingPersonalisation
OpenID
Personal identities
PersonalInformation Cards
Social Networks
12ALT-C 2008 Sponsor Session
September 2008
OpenID reflects trends of the Open Web.... and those of users and learners.
Open content, collaboration, linked-data, RESTful APIs, social software, microformats.
13ALT-C 2008 Sponsor Session
September 2008
Learners want to use the services they choose, know, and like to use.
– Provides access to best-of-breed services.
Staff want to find the best, and most appropriate services for themselves & students.
– Campuses can't provide diverse enough set of services.
14ALT-C 2008 Sponsor Session
September 2008
Scenario 1:
Universities issue OpenIDs
– Easy to do– Inferred membership of organisation...
http://openid.bath.ac.uk/user– Identifier not portable between organisations
15ALT-C 2008 Sponsor Session
September 2008
Scenario 2:
Association of an existing OpenID with a ‘formal’ University identity
– Also easy to do– Lifelong learning– Collaboration with peers– ‘Hides’ OpenID from service providers
16ALT-C 2008 Sponsor Session
September 2008
Scenario 3:
Hybrid model: OpenID as a pointer to a formal identity
(1)OpenID request
http://dno.myopenid.com
(4) Formal claims
(3)
Shibboleth request
Informal claims +
pointer to ‘formal’ university
identity provider
(2) Service Provider
19ALT-C 2008 Sponsor Session
September 2008
Conclusions
• Gives users choice.
• Fits in with a user-centric, Web 2.0 view of the world.
• Bridge to a more diverse range of services.
• Life-long learning identity association.
• Users can build up personal portfolio of services.
• Institutional, non-institutional mash-ups.
20ALT-C 2008 Sponsor Session
September 2008
Considerations
• It's not a universal solution.– Or is it?
– Good for the techies/Web 2.0 people.
• Not without risks.– Service levels and continuity
– Data-loss – too much dependency on external services.
21ALT-C 2008 Sponsor Session
September 2008
Thank you
david.orrell@eduserv.org.uk