Openid - an identity system for the open Web

5,181 views

Published on

A presentation given at Online Information 2008 in London.

Published in: Education, Technology
0 Comments
15 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
5,181
On SlideShare
0
From Embeds
0
Number of Embeds
30
Actions
Shares
0
Downloads
141
Comments
0
Likes
15
Embeds 0
No embeds

No notes for slide

Openid - an identity system for the open Web

  1. OpenID: An Identity System for the Open Web <ul><ul><li>Online Information, December 2008 </li></ul></ul>September 2008
  2. <ul><li>OpenID: What is it? </li></ul><ul><li>Identities: Trusted vs trusted. </li></ul><ul><li>Activities: Formal vs informal. </li></ul><ul><li>Usage scenarios. </li></ul>ALT-C 2008 Sponsor Session September 2008
  3. Uses of online identity <ul><li>Control access to ‘known’ users or subscribers. </li></ul><ul><ul><li>Depends on claims asserted by trusted party. </li></ul></ul><ul><li>Personalisation </li></ul><ul><ul><li>Depends on self-asserted claims by user. </li></ul></ul><ul><li>Common presence across services. </li></ul><ul><ul><li>Depends on universal identifier – with consent of user. </li></ul></ul>ALT-C 2008 Sponsor Session September 2008
  4. <ul><li>Defines globally unique identifiers for users. </li></ul><ul><li>They're URLs... </li></ul><ul><li>http://dno.myopenid.com </li></ul><ul><li>http://openid.eduserv.org.uk/dno </li></ul>ALT-C 2008 Sponsor Session September 2008
  5. <ul><li>A mechanism to verify the URL ‘belongs to’ its bearer. </li></ul><ul><li>User chooses provider to hold their profile and check credentials. </li></ul><ul><li>That's it! Almost. </li></ul>ALT-C 2008 Sponsor Session September 2008
  6. Who are you? (1) http://dno.myopenid.com OpenID (Identity) Provider (2) (3) Verification + attribute exchange (optional)
  7.  
  8.  
  9. Who's using it? <ul><li>Estimated over 250 million identities! </li></ul><ul><li>You've probably already got one! </li></ul>ALT-C 2008 Sponsor Session September 2008 BBC AOL Google Yahoo Flickr Microsoft MySpace Orange Verisign
  10. <ul><li>Shibboleth </li></ul><ul><ul><li>Credentials ‘owned’ by issuing organisation (eg. University, workplace) ‏ . </li></ul></ul><ul><ul><li>Exist for duration of study, employment etc. </li></ul></ul><ul><ul><li>Trusted claims. </li></ul></ul><ul><ul><li>Federations with well-defined boundaries. </li></ul></ul><ul><li>OpenID </li></ul><ul><ul><li>Credentials ‘owned’ by user. </li></ul></ul><ul><ul><li>Exist for sustained period. </li></ul></ul><ul><ul><li>Untrusted claims. </li></ul></ul>ALT-C 2008 Sponsor Session September 2008
  11. Learning/research Email Mobile access Collaboration Lifelong-learning/ alumni Shibboleth Managed Information Cards Trust Federations Assessment Subscription resources Campus services Library services Blogging Personalisation OpenID Personal identities Personal Information Cards Social Networks
  12. <ul><ul><li>OpenID reflects trends of the Open Web.... and those of users and learners. </li></ul></ul><ul><ul><li>Open content, collaboration, linked-data, RESTful APIs, social software, microformats. </li></ul></ul>ALT-C 2008 Sponsor Session September 2008
  13. <ul><ul><li>Learners want to use the services they choose, know, and like to use. </li></ul></ul><ul><ul><li>Provides access to best-of-breed services. </li></ul></ul><ul><ul><li>Staff want to find the best, and most appropriate services for themselves & students . </li></ul></ul><ul><ul><li>Campuses can't provide diverse enough set of services. </li></ul></ul>ALT-C 2008 Sponsor Session September 2008
  14. Scenario 1: <ul><ul><li>Universities issue OpenIDs </li></ul></ul><ul><ul><li>Easy to do </li></ul></ul><ul><ul><li>Inferred membership of organisation... </li></ul></ul><ul><ul><li>http://openid.bath.ac.uk/user </li></ul></ul><ul><ul><li>Identifier not portable between organisations </li></ul></ul>ALT-C 2008 Sponsor Session September 2008
  15. Scenario 2: <ul><ul><li>Association of an existing OpenID with a ‘formal’ University identity </li></ul></ul><ul><ul><li>Also easy to do </li></ul></ul><ul><ul><li>Lifelong learning </li></ul></ul><ul><ul><li>Collaboration with peers </li></ul></ul><ul><ul><li>‘ Hides’ OpenID from service providers </li></ul></ul>ALT-C 2008 Sponsor Session September 2008
  16. Scenario 3: <ul><ul><li>Hybrid model: OpenID as a pointer to a formal identity </li></ul></ul>ALT-C 2008 Sponsor Session September 2008
  17.  
  18. Service Provider (1) OpenID request http://dno.myopenid.com (4) Formal claims (3) Shibboleth request Informal claims + pointer to ‘formal’ university identity provider (2)
  19. Conclusions <ul><li>Gives users choice . </li></ul><ul><li>Fits in with a user-centric, Web 2.0 view of the world. </li></ul><ul><li>Bridge to a more diverse range of services. </li></ul><ul><li>Life-long learning identity association. </li></ul><ul><li>Users can build up personal portfolio of services. </li></ul><ul><li>Institutional, non-institutional mash-ups. </li></ul>ALT-C 2008 Sponsor Session September 2008
  20. Considerations <ul><li>It's not a universal solution. </li></ul><ul><ul><li>Or is it? </li></ul></ul><ul><ul><li>Good for the techies/Web 2.0 people. </li></ul></ul><ul><li>Not without risks. </li></ul><ul><ul><li>Service levels and continuity </li></ul></ul><ul><ul><li>Data-loss – too much dependency on external services. </li></ul></ul>ALT-C 2008 Sponsor Session September 2008
  21. <ul><ul><li>Thank you </li></ul></ul><ul><ul><li>[email_address] </li></ul></ul>ALT-C 2008 Sponsor Session September 2008

×