• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Knock Knock - Who's There?
 

Knock Knock - Who's There?

on

  • 7,099 views

A presentation given at the SSP conference in June 2007. ...

A presentation given at the SSP conference in June 2007.

The talk provides a basic introduction to the "identity problem", federated authentication and the two main systems of relevance to academic publishers and librarians: OpenID and Shibboleth

Statistics

Views

Total Views
7,099
Views on SlideShare
7,036
Embed Views
63

Actions

Likes
3
Downloads
100
Comments
0

4 Embeds 63

http://www.logineo.fr 54
http://www.slideshare.net 7
http://209.85.135.104 1
http://www.m3fe-testing.railsdevelopment.de 1

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

CC Attribution-ShareAlike LicenseCC Attribution-ShareAlike License

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Knock Knock - Who's There? Knock Knock - Who's There? Presentation Transcript

  • Knock, Knock – Who’s There? Towards Federated Authentication Leigh Dodds Chief Technology Officer, Ingenta Society for Scholarly Publishing San Francisco, June 2007
  • The Identity Problem
  • Too many passwords … Flickr & YouTube & FaceBook & MySpace & LiveJournal & LinkedIn…
  • Identity Silos
  • Vendor Lock-In E.g. Microsoft Passport
  • Single Sign-On can solve these problems Single Sign-On = Federated Authentication
  • Knock, Knock
  • Who’s There?
  • Dude..It’s Me…
  • Who Says?
  • Er…Ask That Guy…
  •  
  • Hey, do you know this guy?
  • Dude, that’s Leigh
  • Respect Mah Authoritah!
  • Oh, OK. Thanks
  • Hi, Leigh…
  • There’s More Than One Way to Implement This
  • User Service Provider Identity Provider
  • Where Things Differ…
    • How do we know who the user’s Identity Provider is?
    • How do the Service Providers and Identity Providers talk to one another?
    • What information does the Identity Provider expose about the User?
    • Can we trust the Identity Provider?
    • How does the Identity Provider authenticate the user?
  •  
  •  
  • OpenId
    • User-centric
    • Simple to implement
    • Growing number of open source toolkits
    • Rapid adoption in web community
    • Does not address trust issue
  • Shibboleth
    • Library-centric
    • Complex to implement
    • Open source software plus commercial options
    • Growing adoption in library and publishing communities
    • Introduces element of trust
  • Conclusions & Further Reading http://del.icio.us/ldodds/tag/ssp-2007-06