Date post: | 20-Aug-2015 |
Category: |
Technology |
Upload: | leigh-dodds |
View: | 4,632 times |
Download: | 1 times |
Knock, Knock – Who’s There?Towards Federated Authentication
Leigh DoddsChief Technology Officer, Ingenta
Society for Scholarly PublishingSan Francisco, June 2007
The Identity Problem
Too many passwords
…Flickr & YouTube & FaceBook & MySpace & LiveJournal & LinkedIn…
Identity Silos
Vendor Lock-In
E.g. Microsoft Passport
Single Sign-On can solve these problems
Single Sign-On = Federated Authentication
Knock, Knock
Who’s There?
Dude..It’s Me…
Who Says?
Er…Ask That Guy…
Hey, do you know this guy?
Dude, that’s Leigh
Respect Mah Authoritah!
Oh, OK. Thanks
Hi, Leigh…
There’s More Than One Way to Implement This
User
Service Provider
Identity Provider
Where Things Differ…
• How do we know who the user’s Identity Provider is?
• How do the Service Providers and Identity Providers talk to one another?
• What information does the Identity Provider expose about the User?
• Can we trust the Identity Provider?
• How does the Identity Provider authenticate the user?
OpenId
• User-centric
• Simple to implement
• Growing number of open source toolkits
• Rapid adoption in web community
• Does not address trust issue
Shibboleth
• Library-centric
• Complex to implement
• Open source software plus commercial options
• Growing adoption in library and publishing communities
• Introduces element of trust
Conclusions & Further Reading
http://del.icio.us/ldodds/tag/ssp-2007-06