Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
MSDN Event Spring, 2007 Lynn Langit Developer Evangelist Microsoft Corporation http://blogs.msdn.com/SoCalDevGal
Next Generation Identity Management with Windows CardSpace
What We Will Cover <ul><li>Identity Metasystem </li></ul><ul><li>CardSpace in Windows Vista </li></ul><ul><li>Using Inform...
Agenda <ul><li>Identity Metasystem </li></ul><ul><li>What is CardSpace? </li></ul><ul><li>Information Card Protocol </li><...
Identity Crisis <ul><li>The Internet is dangerous! </li></ul><ul><ul><li>Identity theft, spoofing, phishing, phraud </li><...
Why an Identity MetaSystem? Prevent Phishing Attacks Prevent Identity Theft Reduce User Names and Passwords Put the User i...
Identity Metasystem Objectives & Characteristics <ul><li>No Single Authority </li></ul><ul><li>Open Framework </li></ul><u...
Identity Metasystem Seven Laws User Control and Consent Minimal  Disclosure Justifiable Parties Pluralism of Operators Hum...
Identity System Model User Identity Provider Relying Party Trust Identity Selector Claims Token translation
Agenda <ul><li>Identity MetaSystem </li></ul><ul><li>What is CardSpace? </li></ul><ul><li>Information Card Protocol </li><...
What is CardSpace? No Personal Data Processing Engine Replace User Names and Passwords Digital Identity in  CardSpace Buil...
CardSpace as a Metaphor My Business My Government My Bank My School
What CardSpace Addresses <ul><li>User name/password fatigue </li></ul><ul><li>Phishing and phraud </li></ul><ul><li>Lack o...
Working with CardSpace
Agenda <ul><li>Identity MetaSystem </li></ul><ul><li>What is CardSpace? </li></ul><ul><li>Information Card Protocol </li><...
Protocol Drill Down Identity Provider (IP) Relying Party (RP) Client Client would like to access a resource RP provides id...
Adding Information Card Support to a Web Site
Agenda <ul><li>Identity MetaSystem </li></ul><ul><li>What is CardSpace? </li></ul><ul><li>Information Card Protocol </li><...
Participants – Identity Provider Security Token Service SSL Certificate Information Card Creation and Provisioning Examples
Participants – relying party Policy Code to  process token SSL Certificate
Participants – Clients Browsers Internet Explorer, Firefox, etc. Non-Windows Rich Clients
Converting a Traditional Web Site to Accept Information Cards
Agenda <ul><li>Identity MetaSystem </li></ul><ul><li>What is CardSpace? </li></ul><ul><li>Information Card Protocol </li><...
Extended Value SSL Certificates Better End User feedback More Secure Implemented in Internet Explorer 7 Extends SSL
Card Revocations relying party Identity Provider
Accessing multiple web sites with a single Information Card
Session Summary <ul><li>An Identity Metasystem Is Needed </li></ul><ul><li>The Framework Is In Place </li></ul><ul><li>Nee...
Resources <ul><li>CardSpace samples and articles </li></ul><ul><li>http://cardspace.netfx3.com </li></ul><ul><li>The Ident...
Lynn Langit Developer Evangelist Microsoft Corporation http://blogs.msdn.com/SoCalDevGal
Upcoming SlideShare
Loading in …5
×

Lynn Fy07 Q4 Msdn Events Copy

1,224 views

Published on

Published in: Business, Technology
  • Be the first to comment

  • Be the first to like this

Lynn Fy07 Q4 Msdn Events Copy

  1. 1. MSDN Event Spring, 2007 Lynn Langit Developer Evangelist Microsoft Corporation http://blogs.msdn.com/SoCalDevGal
  2. 2. Next Generation Identity Management with Windows CardSpace
  3. 3. What We Will Cover <ul><li>Identity Metasystem </li></ul><ul><li>CardSpace in Windows Vista </li></ul><ul><li>Using Information Cards </li></ul>
  4. 4. Agenda <ul><li>Identity Metasystem </li></ul><ul><li>What is CardSpace? </li></ul><ul><li>Information Card Protocol </li></ul><ul><li>Information Card Participants </li></ul><ul><li>More Security </li></ul>
  5. 5. Identity Crisis <ul><li>The Internet is dangerous! </li></ul><ul><ul><li>Identity theft, spoofing, phishing, phraud </li></ul></ul><ul><ul><li>Username + password is weak and overwhelmed </li></ul></ul><ul><li>Enterprises are in identity silo hell </li></ul>www.antiphishing.org 22% Stopped 25% Cut back
  6. 6. Why an Identity MetaSystem? Prevent Phishing Attacks Prevent Identity Theft Reduce User Names and Passwords Put the User in Control
  7. 7. Identity Metasystem Objectives & Characteristics <ul><li>No Single Authority </li></ul><ul><li>Open Framework </li></ul><ul><li>Set of Protocols </li></ul><ul><li>Standards Built on SOAP and XML </li></ul><ul><li>User in Control </li></ul>
  8. 8. Identity Metasystem Seven Laws User Control and Consent Minimal Disclosure Justifiable Parties Pluralism of Operators Human Integration Consistent Experience Directional Identity
  9. 9. Identity System Model User Identity Provider Relying Party Trust Identity Selector Claims Token translation
  10. 10. Agenda <ul><li>Identity MetaSystem </li></ul><ul><li>What is CardSpace? </li></ul><ul><li>Information Card Protocol </li></ul><ul><li>Information Card Participants </li></ul><ul><li>More Security </li></ul>
  11. 11. What is CardSpace? No Personal Data Processing Engine Replace User Names and Passwords Digital Identity in CardSpace Built on .NET Framework 3.0
  12. 12. CardSpace as a Metaphor My Business My Government My Bank My School
  13. 13. What CardSpace Addresses <ul><li>User name/password fatigue </li></ul><ul><li>Phishing and phraud </li></ul><ul><li>Lack of confidence in Internet </li></ul>
  14. 14. Working with CardSpace
  15. 15. Agenda <ul><li>Identity MetaSystem </li></ul><ul><li>What is CardSpace? </li></ul><ul><li>Information Card Protocol </li></ul><ul><li>Information Card Participants </li></ul><ul><li>More Security </li></ul>
  16. 16. Protocol Drill Down Identity Provider (IP) Relying Party (RP) Client Client would like to access a resource RP provides identity requirements: format, claims & issuer of security token 1 2 User 3 Client shows which of known IPs can satisfy requirements User selects an IP 4 5 Request to IP Security Token Service for security token providing user credentials 6 IP generates security token based on RP’s requirements with display token and proof of possession for user 7 User views token and approves the release of token 8 Token is released to RP with proof of possession RP reads claims and allows access
  17. 17. Adding Information Card Support to a Web Site
  18. 18. Agenda <ul><li>Identity MetaSystem </li></ul><ul><li>What is CardSpace? </li></ul><ul><li>Information Card Protocol </li></ul><ul><li>Information Card Participants </li></ul><ul><li>More Security </li></ul>
  19. 19. Participants – Identity Provider Security Token Service SSL Certificate Information Card Creation and Provisioning Examples
  20. 20. Participants – relying party Policy Code to process token SSL Certificate
  21. 21. Participants – Clients Browsers Internet Explorer, Firefox, etc. Non-Windows Rich Clients
  22. 22. Converting a Traditional Web Site to Accept Information Cards
  23. 23. Agenda <ul><li>Identity MetaSystem </li></ul><ul><li>What is CardSpace? </li></ul><ul><li>Information Card Protocol </li></ul><ul><li>Information Card Participants </li></ul><ul><li>More Security </li></ul>
  24. 24. Extended Value SSL Certificates Better End User feedback More Secure Implemented in Internet Explorer 7 Extends SSL
  25. 25. Card Revocations relying party Identity Provider
  26. 26. Accessing multiple web sites with a single Information Card
  27. 27. Session Summary <ul><li>An Identity Metasystem Is Needed </li></ul><ul><li>The Framework Is In Place </li></ul><ul><li>Need More Participants </li></ul>
  28. 28. Resources <ul><li>CardSpace samples and articles </li></ul><ul><li>http://cardspace.netfx3.com </li></ul><ul><li>The Identity Metasystem </li></ul><ul><li>http://www.identityblog.com </li></ul><ul><li>MSDN Events Resources </li></ul><ul><li>http://www.msdnevents.com/resources </li></ul>
  29. 29. Lynn Langit Developer Evangelist Microsoft Corporation http://blogs.msdn.com/SoCalDevGal

×