Transcript

  • 1. Mashing Up with User-Centric Identity
      • America Online LLC
      • John Panzer, Praveen Alavilli
  • 2. Web 2.0
      • Data Sharing
      • Social Collaboration
      • Perpetual Beta
      • Incremental Evolution
      • Web as a Platform, and
      • Users in Control
  • 3. Mashup
      • Wikipedia: "a website or application that combines content from more than one source into an integrated experience."
      • API[1] + API[2] + … + API[N]
      • Netvibes.com, imified.com, etc…
  • 4. Role of Identity
      • Well … to identify the user for …
          • Personalization
          • Authorization/Access Control
          • Communication
          • Content Publishing
          • Maintaining Public Identity across Providers
  • 5. But … it is also
      • A barrier to entry
      • Registration == drop off
      • ID fatigue among users
      • Expensive to maintain authentication infrastructure
  • 6. Online Identity
      • Lives moving online
      • Virtual world identity != physical world identity
      • Fragmentation of identity across services
      • Limits value of services (network growth slowed)
      • Not necessary to bind identity and services together
  • 7. User-Centric Identity
      • Providing User Choice
      • Privacy protecting
      • Easy to adopt & use
      • Allowing collaboration
      • Supporting the Long Tail Applications
      • Internet scale
  • 8. Open Protocols
      • Community driven
          • OpenID
          • CardSpace
          • Liberty (SAML)
      • Proprietary
          • Yahoo! BBAuth
          • Google Account API
          • AOL OpenAuth
  • 9. Challenges w/ Adoption
      • Platform/OS dependencies
      • Programming Language Support
      • Too many APIs/Protocols
      • Complex message formats
  • 10. Challenges w/ User Experience
      • Sites with existing user base
      • Same ID/Password everywhere
      • Inconsistent login experience
      • ‘deputization’ of services
      • Redirects
  • 11. Challenges w/ Permission Management
      • Different ways to manage user permissions (consent)
      • Implicit Vs Explicit
      • Client Vs Server
      • Distributed Consent Management
      • Managing given Consents
  • 12. Security Issues
      • XSS
      • Phishing
      • Authentication Tokens for Sites Vs Users
      • Managing Sessions (Client side Vs Server side)
      • Authentication Tokens validation/invalidation
  • 13. Privacy Issues
      • Same Identifier everywhere
      • Public Vs Private Personas
      • Anonymous and Randomized Identities
  • 14. Reputation Services
      • Why Reputation?
      • Who owns it?
      • Based on
          • Published content
          • Activity
          • Collaboration with other Services (Mail, IM, etc.)
      • Actions to take
          • Restricted Usage limits
          • Block/Deny requests
          • Report to Reputation Services
  • 15. Next steps…
      • User Experience
          • Consistency is the “Key”
      • User Permissions
          • Ask User!
          • Implied consents are bad
      • Report and Consume Reputation
      • Identity and associated data under user’s control
          • Support multiple public/private identities
          • Support switching Identity Providers
      • Adopt protocols that support all (most) of the above
  • 16. AOL Open Authentication API
      • Simple API to Authenticate AOL/AIM/ICQ Users
      • Light-weight “provisioning” and easy integration/use
      • Well known/understood Technologies: HTTP/TLS/XML/JSON/…
      • Permission (Consent) Management
      • Secure Token exchange for ‘deputization’ of services
      • Designed for AOL Open Services Consumption
      • Supports Redirect, AJAX, and Direct Models
      • Also …
          • OpenID Provider (OP)
          • OpenID Authentication Token Exchange Extension
          • OpenID Consumer/Relying Party - accepts 3rd party OpenIDs
          • STS for CardSpace (in the future)
      • http://dev.aol.com/openauth
  • 17. Sign In Page
  • 18. Permission Request Page
  • 19. User Permission Management Page https://my.screenname.aol.com
  • 20. Ficlets
  • 21. Q&A
      • http://dev.aol.com
      • Contact Info
          • Praveen Alavilli (=praveen.alavilli)
          • John Panzer (=john.panzer)