Lynn Fy07 Q4 Msdn Events Copy


    1. MSDN Event, Spring 2007
        • Lynn Langit, Developer Evangelist, Microsoft Corporation
        • http://blogs.msdn.com/SoCalDevGal
    2. Next Generation Identity Management with Windows CardSpace
    3. What We Will Cover
        • Identity Metasystem
        • CardSpace in Windows Vista
        • Using Information Cards
    4. Agenda
        • Identity Metasystem
        • What is CardSpace?
        • Information Card Protocol
        • Information Card Participants
        • More Security
    5. Identity Crisis
        • The Internet is dangerous!
            • Identity theft, spoofing, phishing, phraud
            • Username + password is weak and overwhelmed
        • Enterprises are in identity silo hell
        • www.antiphishing.org: 22% Stopped, 25% Cut back
    6. Why an Identity MetaSystem?
        • Prevent Phishing Attacks
        • Prevent Identity Theft
        • Reduce User Names and Passwords
        • Put the User in Control
    7. Identity Metasystem Objectives & Characteristics
        • No Single Authority
        • Open Framework
        • Set of Protocols
        • Standards Built on SOAP and XML
        • User in Control
    8. Identity Metasystem Seven Laws
        • User Control and Consent
        • Minimal Disclosure
        • Justifiable Parties
        • Pluralism of Operators
        • Human Integration
        • Consistent Experience
        • Directional Identity
    9. Identity System Model
        • User
        • Identity Provider
        • Relying Party
        • Trust
        • Identity Selector
        • Claims
        • Token translation
    10. Agenda
        • Identity MetaSystem
        • What is CardSpace?
        • Information Card Protocol
        • Information Card Participants
        • More Security
    11. What is CardSpace?
        • No Personal Data Processing Engine
        • Replace User Names and Passwords
        • Digital Identity in CardSpace
        • Built on .NET Framework 3.0
    12. CardSpace as a Metaphor
        • My Business
        • My Government
        • My Bank
        • My School
    13. What CardSpace Addresses
        • User name/password fatigue
        • Phishing and phraud
        • Lack of confidence in Internet
    14. Working with CardSpace
    15. Agenda
        • Identity MetaSystem
        • What is CardSpace?
        • Information Card Protocol
        • Information Card Participants
        • More Security
    16. Protocol Drill Down
        Participants: User, Client, Relying Party (RP), Identity Provider (IP)
        • Step 1: Client would like to access a resource
        • Step 2: RP provides identity requirements: format, claims & issuer of security token
        • Step 3: Client shows which of known IPs can satisfy requirements
        • Step 4: User selects an IP
        • Step 5: Request to IP Security Token Service for security token providing user credentials
        • Step 6: IP generates security token based on RP’s requirements with display token and proof of possession for user
        • Step 7: User views token and approves the release of token
        • Step 8: Token is released to RP with proof of possession
        • RP reads claims and allows access
    17. Adding Information Card Support to a Web Site
    18. Agenda
        • Identity MetaSystem
        • What is CardSpace?
        • Information Card Protocol
        • Information Card Participants
        • More Security
    19. Participants – Identity Provider
        • Security Token Service
        • SSL Certificate
        • Information Card Creation and Provisioning
        • Examples
    20. Participants – Relying Party
        • Policy
        • Code to process token
        • SSL Certificate
    21. Participants – Clients
        • Browsers: Internet Explorer, Firefox, etc.
        • Non-Windows Rich Clients
    22. Converting a Traditional Web Site to Accept Information Cards
    23. Agenda
        • Identity MetaSystem
        • What is CardSpace?
        • Information Card Protocol
        • Information Card Participants
        • More Security
    24. Extended Value SSL Certificates
        • Better End User feedback
        • More Secure
        • Implemented in Internet Explorer 7
        • Extends SSL
    25. Card Revocations
        • Relying Party
        • Identity Provider
    26. Accessing multiple web sites with a single Information Card
    27. Session Summary
        • An Identity Metasystem Is Needed
        • The Framework Is In Place
        • Need More Participants
    28. Resources
        • CardSpace samples and articles: http://cardspace.netfx3.com
        • The Identity Metasystem: http://www.identityblog.com
        • MSDN Events Resources: http://www.msdnevents.com/resources
    29. Lynn Langit, Developer Evangelist, Microsoft Corporation
        • http://blogs.msdn.com/SoCalDevGal
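
The exchange on the "Protocol Drill Down" slide, modeled as an added Python example (not code from the deck or from CardSpace): the RP's policy filters the user's cards, the IP issues only the claims the RP asked for, and the RP validates the token before allowing access. The issuers, claim names, the `demo-token` format and the HMAC key are constructed for illustration; an HMAC stands in for the IP's signature, and proof of possession is not modeled.

```python
import hashlib, hmac, json

# Constructed sample data: issuers, claim names and the key are hypothetical.
RP_POLICY = {"token_format": "demo-token", "issuer": "https://idp.example",
             "required_claims": ["email", "age_over_18"]}
CARDS = [  # cards known to the client's identity selector
    {"name": "My Bank", "issuer": "https://bank.example",
     "formats": ["demo-token"], "claims": ["email", "account_id"]},
    {"name": "My Government", "issuer": "https://idp.example",
     "formats": ["demo-token"], "claims": ["email", "age_over_18", "address"]},
]
# An HMAC key stands in for the IP's signing certificate (assumption of this model).
IDP_KEYS = {"https://idp.example": b"constructed-demo-key"}
IDP_USERS = {"alice": {"email": "alice@example.org", "age_over_18": True,
                       "address": "1 Demo St"}}

def matching_cards(policy, cards):
    """Step 3: keep only cards whose IP satisfies the RP's issuer, format and claims."""
    return [c for c in cards
            if c["issuer"] == policy["issuer"]
            and policy["token_format"] in c["formats"]
            and set(policy["required_claims"]) <= set(c["claims"])]

def issue_token(card, policy, user):
    """Steps 5-6: the IP issues a token holding only the claims the RP requested."""
    claims = {k: IDP_USERS[user][k] for k in policy["required_claims"]}
    body = json.dumps({"issuer": card["issuer"], "claims": claims}, sort_keys=True)
    sig = hmac.new(IDP_KEYS[card["issuer"]], body.encode(), hashlib.sha256).hexdigest()
    return {"body": body, "sig": sig, "display": claims}  # display token for step 7

def rp_accepts(token, policy):
    """Step 8: the RP checks signature, issuer and required claims before access."""
    key = IDP_KEYS.get(policy["issuer"])
    if key is None:
        return False
    expected = hmac.new(key, token["body"].encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, token["sig"]):
        return False
    data = json.loads(token["body"])
    return (data["issuer"] == policy["issuer"]
            and all(c in data["claims"] for c in policy["required_claims"]))

def run_flow(user, approve):
    """Steps 1-8 end to end; `approve` is the user's decision in step 7."""
    cards = matching_cards(RP_POLICY, CARDS)          # steps 1-3
    if not cards:
        return False
    token = issue_token(cards[0], RP_POLICY, user)    # step 4 modeled as first match
    return bool(approve(token["display"])) and rp_accepts(token, RP_POLICY)
```
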
