Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Knock Knock - Who's There?


Published on

A presentation given at the SSP conference in June 2007.

The talk provides a basic introduction to the "identity problem", federated authentication and the two main systems of relevance to academic publishers and librarians: OpenID and Shibboleth

Published in: Technology, Education
  • Be the first to comment

Knock Knock - Who's There?

  1. 1. Knock, Knock – Who’s There? Towards Federated Authentication Leigh Dodds Chief Technology Officer, Ingenta Society for Scholarly Publishing San Francisco, June 2007
  2. 2. The Identity Problem
  3. 3. Too many passwords … Flickr & YouTube & FaceBook & MySpace & LiveJournal & LinkedIn…
  4. 4. Identity Silos
  5. 5. Vendor Lock-In E.g. Microsoft Passport
  6. 6. Single Sign-On can solve these problems Single Sign-On = Federated Authentication
  7. 7. Knock, Knock
  8. 8. Who’s There?
  9. 9. Dude..It’s Me…
  10. 10. Who Says?
  11. 11. Er…Ask That Guy…
  12. 13. Hey, do you know this guy?
  13. 14. Dude, that’s Leigh
  14. 15. Respect Mah Authoritah!
  15. 16. Oh, OK. Thanks
  16. 17. Hi, Leigh…
  17. 18. There’s More Than One Way to Implement This
  18. 19. User Service Provider Identity Provider
  19. 20. Where Things Differ… <ul><li>How do we know who the user’s Identity Provider is? </li></ul><ul><li>How do the Service Providers and Identity Providers talk to one another? </li></ul><ul><li>What information does the Identity Provider expose about the User? </li></ul><ul><li>Can we trust the Identity Provider? </li></ul><ul><li>How does the Identity Provider authenticate the user? </li></ul>
  20. 23. OpenId <ul><li>User-centric </li></ul><ul><li>Simple to implement </li></ul><ul><li>Growing number of open source toolkits </li></ul><ul><li>Rapid adoption in web community </li></ul><ul><li>Does not address trust issue </li></ul>
  21. 24. Shibboleth <ul><li>Library-centric </li></ul><ul><li>Complex to implement </li></ul><ul><li>Open source software plus commercial options </li></ul><ul><li>Growing adoption in library and publishing communities </li></ul><ul><li>Introduces element of trust </li></ul>
  22. 25. Conclusions & Further Reading