Mashing Up with User-Centric Identity America Online LLC John Panzer, Praveen Alavilli.

Date post: 19-Dec-2015

Mashing Up with User-Centric Identity

America Online LLC
John Panzer, Praveen Alavilli

Web 2.0

- Data Sharing
- Social Collaboration
- Perpetual Beta
- Incremental Evolution
- Web as a Platform, and Users in Control

Mashup

Wikipedia: "a website or application that combines content from more than one source into an integrated experience."

API[1] + API[2] + … + API[N]

Netvibes.com, imified.com, etc…

Role of Identity

Well .. to identify the user for …

- Personalization
- Authorization / Access Control
- Communication
- Content Publishing
- Maintaining Public Identity across Providers

But … it is also

- A barrier to entry
- Registration == drop off
- ID fatigue among users
- Expensive to maintain authentication infrastructure

Online Identity

- Lives moving online
- Virtual world identity != physical world identity
- Fragmentation of identity across services
- Limits value of services (network growth slowed)
- Not necessary to bind identity and services together

User-Centric Identity

- Providing user choice
- Privacy protecting
- Easy to adopt & use
- Allowing collaboration
- Supporting Long Tail applications
- Internet scale

Open Protocols

- Community driven
  - OpenID
  - CardSpace
  - Liberty (SAML)
- Single Provider
  - Yahoo! BBAuth
  - Google Account API
  - AOL OpenAuth

Challenges w/ Adoption

- Platform/OS dependencies
- Programming language support
- Too many APIs/protocols
- Complex message formats

Challenges: User Experience

- Sites with existing user base
- Same ID/Password everywhere
- Inconsistent login experience
- ‘Deputization’ of services
- Redirects

Challenges: Permission Management

- Different ways to manage user permissions (consent)
- Implicit vs explicit
- Client vs server
- Decentralized consent management
- Managing given consents

Security Issues

- XSS
- Phishing
- Authentication tokens for sites vs users
- Managing sessions (client side vs server side)
- Validating and invalidating authentication tokens

Privacy Issues

- Same identifier everywhere
- Public vs private personas
- Anonymous and randomized identities

Reputation Services

- Why is reputation important?
- Who owns it?
- Based on
  - Published content
  - Activity
  - Collaboration with other services (Mail, IM, etc.)
- Actions to take
  - Restricted usage limits
  - Block/deny requests
  - Report to reputation services

Next Steps…

- User Experience
  - Consistency is key
- User Permissions
  - Ask user
  - Implied consents are bad
- Report and consume reputation
- Identity and associated data under user’s control
- Support multiple public/private identities
- Support switching Identity Providers
- Adopt protocols that support all (most) of the above

AOL Open Authentication API

http://dev.aol.com/openauth

- Lightweight provisioning and authentication of AIM/ICQ/AOL users
- Easy to integrate via browser redirect, AJAX, or direct models
- Permission management
- ‘Deputization’ of services through secure token exchange
- AOL Open Services built on OpenAuth
- Other services:
  - Integrated OpenID Provider (OP)
  - OpenID Authentication Token Exchange Extension
  - OpenID Consumer/Relying Party - accepts 3rd party OpenIDs
  - STS for CardSpace in future

Sign In Page

Permission Request Page

User Permission Management Page

https://my.screenname.aol.com

Ficlets

Q & A

Contact Info

Praveen Alavilli: =praveen.alavilli
John Panzer: =john.panzer

http://dev.aol.com

