Your SlideShare is downloading. ×
OpenID Authentication
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

OpenID Authentication

9,054
views

Published on

Slides from the Google TechTalk (Zurich, Switzerland) in April 2007. A technical overview of OpenID. …

Slides from the Google TechTalk (Zurich, Switzerland) in April 2007. A technical overview of OpenID.

Originally posted: http://www.keepthebyte.ch/2007/04/google-tech-talk-on-openid.html

Published in: Technology, Design

1 Comment
22 Likes
Statistics
Notes
No Downloads
Views
Total Views
9,054
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
483
Comments
1
Likes
22
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Distributed SSO Cédric Hüsler CTO local.ch Google TechTalk Zürich - April 2007
  • 2. Quick Poll Who always use the same PW for every new account on a new site? Who has a blog? Who has an OpenID?
  • 3. BA BA SII SC CS prove you are really who you suppose to be S Authentication Username & Password Challenge-response Public-Private Key vs. what are you allowed to do Authorization ACL (Access Control List) RBAC (Role-based Access Control)
  • 4. BA BA SIIC S CS ability to uniquely identify yourself S Identity Your Name AHV-Nr / SSN Fingerprint vs. ability to control what others know about you Privacy Can you keep a secret? Virtualization Opt-in
  • 5. BA BA SII SC CS how much can I depend on you? S trust vs. control how much information am I going to give?
  • 6. BA BA SII SC CS S SSO Single-Sign-On   using the same automatic credentials to access authentication beyond multiple services session and service
  • 7. = Authentication Delegation = Identity Manager = Open API ≠ Authentication ≠ Trust
  • 8. Use a URL as user name! I own the domain: keepthebyte.ch - why not using it as user name?
  • 9. Time for demo! http://jyte.com/
  • 10. Login Process Overview Download at http://www.flickr.com/photos/keepthebyte/347821691/
  • 11. ...with trusted site auto login on the identity provider
  • 12. HTTP Level - Part 1/3 User Agent <> RP GET: %site%/login.html POST: %site%/login with OpenID RP <> IdP GET: openid url

×