Knock Knock - Who's There?

Knock, Knock – Who’s There? Towards Federated Authentication Leigh Dodds Chief Technology Officer, Ingenta Society for Scholarly Publishing San Francisco, June 2007

The Identity Problem

Too many passwords … Flickr & YouTube & FaceBook & MySpace & LiveJournal & LinkedIn…

Identity Silos

Vendor Lock-In E.g. Microsoft Passport

Single Sign-On can solve these problems Single Sign-On = Federated Authentication

Knock, Knock

Who’s There?

Dude..It’s Me…

Who Says?

Er…Ask That Guy…

Hey, do you know this guy?

Dude, that’s Leigh

Respect Mah Authoritah!

Oh, OK. Thanks

Hi, Leigh…

There’s More Than One Way to Implement This

User Service Provider Identity Provider

Where Things Differ…
How do we know who the user’s Identity Provider is?
How do the Service Providers and Identity Providers talk to one another?
What information does the Identity Provider expose about the User?
Can we trust the Identity Provider?
How does the Identity Provider authenticate the user?

OpenId
User-centric
Simple to implement
Growing number of open source toolkits
Rapid adoption in web community
Does not address trust issue

Shibboleth
Library-centric
Complex to implement
Open source software plus commercial options
Growing adoption in library and publishing communities
Introduces element of trust

Conclusions & Further Reading http://del.icio.us/ldodds/tag/ssp-2007-06

http://www.logineo.fr	54
http://www.slideshare.net	7
http://209.85.135.104	1
http://www.m3fe-testing.railsdevelopment.de	1

Knock Knock - Who's There?

by Leigh Dodds on Jun 28, 2007

Accessibility

Categories

Tags

Upload Details

Usage Rights

4 Embeds 63

Statistics

Knock Knock - Who’s There? — Presentation Transcript