Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Claim based AuthenticationPresented by:                Sean Xiong
About me            First Name: HuangTao (Since 16 years old), Tao is        my real name.            Surname: XIONG (pr...
Problems with current Authentication    As application users       •               make several user accounts at several ...
Basic idea
Like in our daily life
But web scenario is much more complicateChallenges.              Who are the Identity Providers?              Whats the ...
Claim based AuthenticationWho is Identity Provider?          There are a couple of Identity providers nowadays like Googl...
Complete scenarioIdentity Provider         3. Select Identity Provider &                          Authenticate to Identity...
Should we use it?  Yes, we should.        Just because it fixes current problems.      Google, Apple, MS and many others...
Questions??          Questions & Answers
Upcoming SlideShare
Loading in …5
×

Claim based authentaication

623 views

Published on

Published in: Technology, Business
  • Be the first to comment

  • Be the first to like this

Claim based authentaication

  1. 1. Claim based AuthenticationPresented by: Sean Xiong
  2. 2. About me  First Name: HuangTao (Since 16 years old), Tao is my real name.  Surname: XIONG (pronouns similarly with “Sean” & means in Chinese).  Research Engineer @ SSRG & work on Yuruware Monitor.  Studied at UNSW between Mar 2008 and Nov 2009 for Master degree of Information Technology.  Studied at Jilin University China from July 2003 to July 2007 for Bachelor degree of Engineering in Software Engineering.
  3. 3. Problems with current Authentication As application users • make several user accounts at several portals/websites. • Every time users have to remember the user credentials for the corresponding website. • If users do not remember username & passwd. As application developers  have to develop a Authentication unit for each of your product.  Waste time and $$$$$  May loss opportunities.
  4. 4. Basic idea
  5. 5. Like in our daily life
  6. 6. But web scenario is much more complicateChallenges.  Who are the Identity Providers?  Whats the data (Identity) needed for Relying Party?  What data can be transferred from Identity provider and in which form?  How does Relying Party (applications) trust Identity Provider?So, We need a mechanism.
  7. 7. Claim based AuthenticationWho is Identity Provider?  There are a couple of Identity providers nowadays like Google, Facebook....  And even we can develop our own Identity Provider for our products.Whats the data (Identity) needed and in which form?  Identity is a group of information that can uniquely identify anything. e.g. user credential.  In digital era, Identity passed as a stream of bytes and that is known as “Token” which contains some set of “Claims”.How does Relying Party trust Identity Provider? Reply Party (applications) tells Client where to get the Identity and verify the Token by checking its Signature.
  8. 8. Complete scenarioIdentity Provider 3. Select Identity Provider & Authenticate to Identity Provider Selector 2. Invoke Selector & Request Claims Application Relying Party 4. Passes Token to application 5. Verifies Token & allow access 6. Provides service 1. Request Clients Service
  9. 9. Should we use it? Yes, we should.  Just because it fixes current problems.  Google, Apple, MS and many others are doing Authentication in the similar ways.
  10. 10. Questions?? Questions & Answers

×