Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Identity Management Framework on Ericsson Labs


Published on

Using the OpenID protocol and SIM card-based authentication, the framework provides a secure and simple way to enable user registration and sign-in for your website. All you need to do is to define the identity attributes you wish to receive, the authentication method and the framework does the rest.

Published in: Technology
  • Be the first to comment

Identity Management Framework on Ericsson Labs

  1. 1. IdentityManagementFramework A API
  2. 2. Identity Management Framework› The Identity (ID) Management Framework enables your website to provide easy and secure sign-in and sign-up.› The ID Management Framework is composed by two main parts: – An API that allows you to easily provide secure registration and authentication functionalities to your website. – A Portal that allows your end-users to manage and control their accounts.› It is based on the OpenID protocol and provides support to GBA- based authentication method. – GBA is the upcoming technology for authentication using Mobile Network Operators’ infrastructure.› Support for Android smartphones and computer desktops.© Ericsson AB 2010 | Page 2
  3. 3. WHY ID Management Framework Enabler?› Make your website easy and secure to sign-in and sign-up.› Increase the number of registered users by eliminating the barrier of creating a new account.› Enable OpenID on your website with a few simple steps.› No need to worry about registration forms, secure storage of usernames and passwords, security algorithms and protocols.© Ericsson AB 2010 | Page 3
  4. 4. Main Features of the ID Management Framework› Support OpenID authentication: Your website can provide login for your users using our ID Management Server or any other OpenID Identity Provider on the Internet.› Select the authentication method our Portal should use for your users: Username/password or GBA-based authentication.› Request user’s information commonly requested on registration forms (e.g., full name, email, phone, address).© Ericsson AB 2010 | Page 4
  5. 5. ID Management Framework Overview© Ericsson AB 2010 | Page 5
  6. 6. Java Web API› The API allows you to enable OpenID on your website.› For your users, logging in your website can be as simple as clicking on a button.// Create a instance of the ClientAuthenticator class using the URL where your// server will receive the responses for your authentication requestsClientAuthenticator clientAuthenticator = new ClientAuthenticator ("" + "?is_return=true");// [Optional] Set which attributes you want to request.AttributeRequest attrReq = new AttributeRequest();attrReq.setFullnameRequested(true); attrReq.setEmailRequested(true);// Create the authentication request URL. The userSuppliedString parameter is// the OpenID identity informed by the user or our IdM server address.String redirectRequestURL =clientAuthenticator.getAuthRedirectionURL(userSuppliedString, attrReq);// Redirect the users browser and place the authentication request.httpServletResponse.sendRedirect(redirectRequestURL);© Ericsson AB 2010 | Page 6
  7. 7. Example applicationOur API allows users to log into your website using the EricssonLabs Identity Management Framework. The user’s web browser will be redirected to the Labs ID Management website for authentication.After successful authentication, the Labs ID Management Serverwill redirect the user’s browser back to your website with aconfirmation, containing the user’s OpenID identity and someoptional attributes (e.g., full name, email, phone, address).© Ericsson AB 2010 | Page 7
  8. 8. Android Support › The user’s device can be an Android smartphone. › The framework implements software that partially simulates SIM Card functionalities, which we call GCE (GBA Credential Engine).© Ericsson AB 2010 | Page 8
  9. 9. © Ericsson AB 2010 | Page 9