Knock, Knock – Who’s There? Towards Federated Authentication Leigh Dodds Chief Technology Officer, Ingenta Society for Sch...
The Identity Problem
Too many passwords … Flickr & YouTube & FaceBook & MySpace & LiveJournal & LinkedIn…
Identity Silos
Vendor Lock-In E.g. Microsoft Passport
Single Sign-On can solve these problems Single Sign-On = Federated Authentication
Knock, Knock
Who’s There?
Dude..It’s Me…
Who Says?
Er…Ask That Guy…
 
Hey, do you know this guy?
Dude, that’s Leigh
Respect Mah Authoritah!
Oh, OK. Thanks
Hi, Leigh…
There’s More Than One Way to Implement This
User Service Provider Identity Provider
Where Things Differ… <ul><li>How do we know who the user’s Identity Provider is? </li></ul><ul><li>How do the Service Prov...
 
 
OpenId <ul><li>User-centric </li></ul><ul><li>Simple to implement </li></ul><ul><li>Growing number of open source toolkits...
Shibboleth <ul><li>Library-centric </li></ul><ul><li>Complex to implement </li></ul><ul><li>Open source software plus comm...
Conclusions & Further Reading http://del.icio.us/ldodds/tag/ssp-2007-06
Upcoming SlideShare
Loading in...5
×

Knock Knock - Who's There?

4,625

Published on

A presentation given at the SSP conference in June 2007.

The talk provides a basic introduction to the "identity problem", federated authentication and the two main systems of relevance to academic publishers and librarians: OpenID and Shibboleth

Published in: Technology, Education
0 Comments
3 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
4,625
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
101
Comments
0
Likes
3
Embeds 0
No embeds

No notes for slide
  • Knock Knock - Who's There?

    1. 1. Knock, Knock – Who’s There? Towards Federated Authentication Leigh Dodds Chief Technology Officer, Ingenta Society for Scholarly Publishing San Francisco, June 2007
    2. 2. The Identity Problem
    3. 3. Too many passwords … Flickr & YouTube & FaceBook & MySpace & LiveJournal & LinkedIn…
    4. 4. Identity Silos
    5. 5. Vendor Lock-In E.g. Microsoft Passport
    6. 6. Single Sign-On can solve these problems Single Sign-On = Federated Authentication
    7. 7. Knock, Knock
    8. 8. Who’s There?
    9. 9. Dude..It’s Me…
    10. 10. Who Says?
    11. 11. Er…Ask That Guy…
    12. 13. Hey, do you know this guy?
    13. 14. Dude, that’s Leigh
    14. 15. Respect Mah Authoritah!
    15. 16. Oh, OK. Thanks
    16. 17. Hi, Leigh…
    17. 18. There’s More Than One Way to Implement This
    18. 19. User Service Provider Identity Provider
    19. 20. Where Things Differ… <ul><li>How do we know who the user’s Identity Provider is? </li></ul><ul><li>How do the Service Providers and Identity Providers talk to one another? </li></ul><ul><li>What information does the Identity Provider expose about the User? </li></ul><ul><li>Can we trust the Identity Provider? </li></ul><ul><li>How does the Identity Provider authenticate the user? </li></ul>
    20. 23. OpenId <ul><li>User-centric </li></ul><ul><li>Simple to implement </li></ul><ul><li>Growing number of open source toolkits </li></ul><ul><li>Rapid adoption in web community </li></ul><ul><li>Does not address trust issue </li></ul>
    21. 24. Shibboleth <ul><li>Library-centric </li></ul><ul><li>Complex to implement </li></ul><ul><li>Open source software plus commercial options </li></ul><ul><li>Growing adoption in library and publishing communities </li></ul><ul><li>Introduces element of trust </li></ul>
    22. 25. Conclusions & Further Reading http://del.icio.us/ldodds/tag/ssp-2007-06
    1. A particular slide catching your eye?

      Clipping is a handy way to collect important slides you want to go back to later.

    ×