SlideShare a Scribd company logo

Introduction to OpenID TX proposed extension

Download as PPT, PDF
Nat Sakimura
Nat Sakimura

The document provides an overview of the Trust Exchange (TX) extension for OpenID, which allows for contract-driven data exchange to enable more secure transactions. The TX extension defines protocols for contract negotiation using either synchronous POST binding or asynchronous artifact binding. It also defines an optional data transfer method and formats for contract proposals and signed contracts containing terms like participant IDs, amounts, signatures, and expiration dates. The goal is to augment OpenID with stronger authentication and secure attribute exchange for sensitive transactions.

Technology
1 of 13
An Introduction to OpenID TX ver. 1.4 Nat Sakimura (=nat)‏ Nov. 11, 2008
Preface ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Contents ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Why TX? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Contract Driven Data Exchange = Trust Exchange (TX)‏
Highlight ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
OpenID Login + Payment (synchronous)‏ OP(Level 1)‏ User (Browser)‏ XRDS OP(Level 2 + Payment)‏ RP(Shopping)‏ Click “Login to check out” button Find the service for level 1 auth and Level 2+Payment auth Redirect to the Level 1 auth OP AuthN with Username and password etc. Positive Assertion Show Order Form Click on “Buy” button Positive Assertion +[TX] Contract Autn with 2 nd factor etc. “ Thanks!” screen Login to Checkout taro123 ***** Buy 暗証番号 Thanks! Approval Signing Legend OpenID Authentication User AuthN OpenID (TX)‏ Approval/Signing POST Binding Redirect to L2+Payment OP with [TX]POST Contract Proposal Proposal Signing
OpenID Login + Payment (synchronous)‏ OP(Level 1)‏ User (Browser)‏ XRDS OP(Level 2 + Payment)‏ RP(Shopping)‏ Click “Login to check out” button Find the service for level 1 auth and Level 2+Payment auth Redirect to the Level 1 auth OP AuthN with Username and password etc. Positive Assertion Show Order Form Click on “Buy” button Positive Assertion + tx.c.tatus=Pending Autn with 2 nd factor etc. “ Thanks!” screen Login to Checkout taro123 ***** Buy 暗証番号 Thanks! Approval Signing Legend OpenID Authentication User AuthN OpenID (TX)‏ Approval/Signing POST Binding Redirect to L2+Payment OP with [TX]POST Contract Proposal Proposal Signing
Notification OP(Level 1)‏ User (Browser)‏ XRDS OP(Level 2 + Payment)‏ RP(Shopping)‏ [TX] send Contract based Request [TX] Receive Data Legend OpenID Authentication User AuthN OpenID (TX)‏ Approval/Signing [TX] Notification (status)‏ Status: Contract Complete, Data Changed, Contract terminated, ID removed [TX] Notification OP to RP notification RP to OP notification
Data Transfer (Optional)‏ OP(Level 1)‏ User (Browser)‏ XRDS OP(Level 2 + Payment)‏ RP(Shopping)‏ [TX] GET with Contract ID + Signature [TX] Receive Data Legend OpenID Authentication User AuthN OpenID (TX)‏ Approval/Signing N.B. Although TX defines a default Data Transfer protocol, it can be substituted by any other methods as long as it is specified in the Contract.
OpenID Login + Payment (synchronous)‏ OP(Level 1)‏ User (Browser)‏ XRDS OP(Level 2 + Payment)‏ RP(Shopping)‏ Click “Login to check out” button Find the service for level 1 auth and Level 2+Payment auth Redirect to the Level 1 auth OP AuthN with Username and password etc. Positive Assertion Show Order Form Click on “Buy” button Redirect to L2+Payment OP with Transaction ID Positive Assertion +Contract ID Autn with 2 nd factor etc. “ Thanks!” screen Login to Checkout taro123 ***** Buy 暗証番号 Thanks! Approval Signing [TX]POST Contract Proposal [TX] Transaction ID [TX] send Contract ID [TX] Receive Contract Legend OpenID Authentication User AuthN OpenID (TX)‏ Approval/Signing Artifact Binding Proposal Signing
OpenID Login + Payment (asynchronous)‏ OP(Level 1)‏ User (Browser)‏ XRDS OP(Level 2 + Payment)‏ RP(Shopping)‏ Click “Login to check out” button Find the service for level 1 auth and Level 2+Payment auth Redirect to the Level 1 auth OP AuthN with Username and password etc. Positive Assertion Show Order Form Click on “Buy” button Redirect to L2+Payment OP with Transaction ID Positive Assertion + tx.c.tatus=Pending Autn with 2 nd factor etc. “ Thanks!” screen Login to Checkout taro123 ***** Buy 暗証番号 Thanks! Approval Signing [TX]POST Contract Proposal [TX] Transaction ID [TX] send Contract ID [TX] Receive Contract Legend OpenID Authentication User AuthN OpenID (TX)‏ Approval/Signing [TX] Completion Notification Artifact Binding Proposal Signing
Appendix: example proposal ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],NOTE: This is a bit out-of-date See http://sourceforge.jp/projects/openidtx/
Appendix: example contract ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],NOTE: This is a bit out-of-date See http://sourceforge.jp/projects/openidtx/

Recommended

R3Corda_Concepts+Components_AICTE_STTP_2020
R3Corda_Concepts+Components_AICTE_STTP_2020R3Corda_Concepts+Components_AICTE_STTP_2020
R3Corda_Concepts+Components_AICTE_STTP_2020Amritha Antony
 
53398506 10-case-study-digital-signature
53398506 10-case-study-digital-signature53398506 10-case-study-digital-signature
53398506 10-case-study-digital-signatureBookStoreLib
 
Dsa & Digi Cert
Dsa & Digi CertDsa & Digi Cert
Dsa & Digi CertRam Dutt Shukla
 
OPTIMIZING ONE FAIR DOCUMENT EXCHANGE PROTOCOL
OPTIMIZING ONE FAIR DOCUMENT EXCHANGE PROTOCOLOPTIMIZING ONE FAIR DOCUMENT EXCHANGE PROTOCOL
OPTIMIZING ONE FAIR DOCUMENT EXCHANGE PROTOCOLIJNSA Journal
 
Electronic Signature
Electronic SignatureElectronic Signature
Electronic SignatureJoon Young Park
 
Digital signature
Digital signatureDigital signature
Digital signatureCoders Hub
 
Digital signature algorithm (de la cruz, genelyn).ppt 2
Digital signature algorithm (de la cruz, genelyn).ppt 2Digital signature algorithm (de la cruz, genelyn).ppt 2
Digital signature algorithm (de la cruz, genelyn).ppt 2YooGenelyn
 
Blind Signature Scheme
Blind Signature SchemeBlind Signature Scheme
Blind Signature SchemeKelum Senanayake
 

Recommended

R3Corda_Concepts+Components_AICTE_STTP_2020
R3Corda_Concepts+Components_AICTE_STTP_2020R3Corda_Concepts+Components_AICTE_STTP_2020
R3Corda_Concepts+Components_AICTE_STTP_2020Amritha Antony
 
53398506 10-case-study-digital-signature
53398506 10-case-study-digital-signature53398506 10-case-study-digital-signature
53398506 10-case-study-digital-signatureBookStoreLib
 
Dsa & Digi Cert
Dsa & Digi CertDsa & Digi Cert
Dsa & Digi CertRam Dutt Shukla
 
OPTIMIZING ONE FAIR DOCUMENT EXCHANGE PROTOCOL
OPTIMIZING ONE FAIR DOCUMENT EXCHANGE PROTOCOLOPTIMIZING ONE FAIR DOCUMENT EXCHANGE PROTOCOL
OPTIMIZING ONE FAIR DOCUMENT EXCHANGE PROTOCOLIJNSA Journal
 
Electronic Signature
Electronic SignatureElectronic Signature
Electronic SignatureJoon Young Park
 
Digital signature
Digital signatureDigital signature
Digital signatureCoders Hub
 
Digital signature algorithm (de la cruz, genelyn).ppt 2
Digital signature algorithm (de la cruz, genelyn).ppt 2Digital signature algorithm (de la cruz, genelyn).ppt 2
Digital signature algorithm (de la cruz, genelyn).ppt 2YooGenelyn
 
Blind Signature Scheme
Blind Signature SchemeBlind Signature Scheme
Blind Signature SchemeKelum Senanayake
 
Digital signature schemes
Digital signature schemesDigital signature schemes
Digital signature schemesravik09783
 
Digital Signature Certificate
Digital Signature CertificateDigital Signature Certificate
Digital Signature Certificatehome
 
Dss digital signature standard and dsa algorithm
Dss digital signature standard and dsa algorithmDss digital signature standard and dsa algorithm
Dss digital signature standard and dsa algorithmAbhishek Kesharwani
 
Libra Blockchain by SmartContract Thailand
Libra Blockchain by SmartContract ThailandLibra Blockchain by SmartContract Thailand
Libra Blockchain by SmartContract ThailandSathapon Patanakuha
 
Information and data security digital signatures
Information and data security digital signaturesInformation and data security digital signatures
Information and data security digital signaturesMazin Alwaaly
 
Klaytn: Service-Oriented Enterprise-Grade Public Blockchain Platform
Klaytn: Service-Oriented Enterprise-Grade Public Blockchain PlatformKlaytn: Service-Oriented Enterprise-Grade Public Blockchain Platform
Klaytn: Service-Oriented Enterprise-Grade Public Blockchain Platformif kakao
 
Digital signature
Digital signatureDigital signature
Digital signatureNisha Menon K
 
Demonstration of secure socket layer(synopsis)
Demonstration of secure socket layer(synopsis)Demonstration of secure socket layer(synopsis)
Demonstration of secure socket layer(synopsis)Mumbai Academisc
 
Primer to smart contracts, smart property, trustless asset management
Primer to smart contracts, smart property, trustless asset managementPrimer to smart contracts, smart property, trustless asset management
Primer to smart contracts, smart property, trustless asset managementTim Swanson
 
Nat Sakimura Presentation / CloudViews.Org Cloud Computing Conference 2009
Nat Sakimura Presentation / CloudViews.Org Cloud Computing Conference 2009Nat Sakimura Presentation / CloudViews.Org Cloud Computing Conference 2009
Nat Sakimura Presentation / CloudViews.Org Cloud Computing Conference 2009EuroCloud
 
OAuth 2
OAuth 2OAuth 2
OAuth 2ChrisWood262
 
Introducing OpenID 1.0 Protocol: Security and Performance
Introducing OpenID 1.0 Protocol: Security and PerformanceIntroducing OpenID 1.0 Protocol: Security and Performance
Introducing OpenID 1.0 Protocol: Security and PerformanceAmin Saqi
 
1. ibm blockchain explained
1. ibm blockchain explained1. ibm blockchain explained
1. ibm blockchain explainedDiego Alberto Tamayo
 
Session 3 introduction blockchain by franco 22 januari
Session 3 introduction blockchain by franco 22 januariSession 3 introduction blockchain by franco 22 januari
Session 3 introduction blockchain by franco 22 januariArthur Janse
 
Blockchain Essentials and Blockchain on Azure
Blockchain Essentials and Blockchain on AzureBlockchain Essentials and Blockchain on Azure
Blockchain Essentials and Blockchain on AzureNuri Cankaya
 
Consideration on Holder-of-Key Bound Token < from Financial-grade API (FAPI) ...
Consideration on Holder-of-Key Bound Token < from Financial-grade API (FAPI) ...Consideration on Holder-of-Key Bound Token < from Financial-grade API (FAPI) ...
Consideration on Holder-of-Key Bound Token < from Financial-grade API (FAPI) ...Hitachi, Ltd. OSS Solution Center.
 
Web Security
Web SecurityWeb Security
Web SecurityRam Dutt Shukla
 
Single-Page-Application & REST security
Single-Page-Application & REST securitySingle-Page-Application & REST security
Single-Page-Application & REST securityIgor Bossenko
 
Python, Blockchain, and Byte-Size Change
Python, Blockchain, and Byte-Size ChangePython, Blockchain, and Byte-Size Change
Python, Blockchain, and Byte-Size ChangePortia Burton
 
Ch17
Ch17Ch17
Ch17Joe Christensen
 
HTTPS
HTTPSHTTPS
HTTPSmaroti164
 
Soa Symposium Expressing Service Capabilities Uniformly 2009 10 14 Bc
Soa Symposium Expressing Service Capabilities Uniformly 2009 10 14 BcSoa Symposium Expressing Service Capabilities Uniformly 2009 10 14 Bc
Soa Symposium Expressing Service Capabilities Uniformly 2009 10 14 BcfuzzyBSc
 

More Related Content

What's hot

Digital signature schemes
Digital signature schemesDigital signature schemes
Digital signature schemesravik09783
 
Digital Signature Certificate
Digital Signature CertificateDigital Signature Certificate
Digital Signature Certificatehome
 
Dss digital signature standard and dsa algorithm
Dss digital signature standard and dsa algorithmDss digital signature standard and dsa algorithm
Dss digital signature standard and dsa algorithmAbhishek Kesharwani
 
Libra Blockchain by SmartContract Thailand
Libra Blockchain by SmartContract ThailandLibra Blockchain by SmartContract Thailand
Libra Blockchain by SmartContract ThailandSathapon Patanakuha
 
Information and data security digital signatures
Information and data security digital signaturesInformation and data security digital signatures
Information and data security digital signaturesMazin Alwaaly
 
Klaytn: Service-Oriented Enterprise-Grade Public Blockchain Platform
Klaytn: Service-Oriented Enterprise-Grade Public Blockchain PlatformKlaytn: Service-Oriented Enterprise-Grade Public Blockchain Platform
Klaytn: Service-Oriented Enterprise-Grade Public Blockchain Platformif kakao
 
Demonstration of secure socket layer(synopsis)
Demonstration of secure socket layer(synopsis)Demonstration of secure socket layer(synopsis)
Demonstration of secure socket layer(synopsis)Mumbai Academisc
 

What's hot (8)

Digital signature schemes
Digital signature schemesDigital signature schemes
Digital signature schemes
 
Digital Signature Certificate
Digital Signature CertificateDigital Signature Certificate
Digital Signature Certificate
 
Dss digital signature standard and dsa algorithm
Dss digital signature standard and dsa algorithmDss digital signature standard and dsa algorithm
Dss digital signature standard and dsa algorithm
 
Libra Blockchain by SmartContract Thailand
Libra Blockchain by SmartContract ThailandLibra Blockchain by SmartContract Thailand
Libra Blockchain by SmartContract Thailand
 
Information and data security digital signatures
Information and data security digital signaturesInformation and data security digital signatures
Information and data security digital signatures
 
Klaytn: Service-Oriented Enterprise-Grade Public Blockchain Platform
Klaytn: Service-Oriented Enterprise-Grade Public Blockchain PlatformKlaytn: Service-Oriented Enterprise-Grade Public Blockchain Platform
Klaytn: Service-Oriented Enterprise-Grade Public Blockchain Platform
 
Digital signature
Digital signatureDigital signature
Digital signature
 
Demonstration of secure socket layer(synopsis)
Demonstration of secure socket layer(synopsis)Demonstration of secure socket layer(synopsis)
Demonstration of secure socket layer(synopsis)
 

Similar to Introduction to OpenID TX proposed extension

Primer to smart contracts, smart property, trustless asset management
Primer to smart contracts, smart property, trustless asset managementPrimer to smart contracts, smart property, trustless asset management
Primer to smart contracts, smart property, trustless asset managementTim Swanson
 
Nat Sakimura Presentation / CloudViews.Org Cloud Computing Conference 2009
Nat Sakimura Presentation / CloudViews.Org Cloud Computing Conference 2009Nat Sakimura Presentation / CloudViews.Org Cloud Computing Conference 2009
Nat Sakimura Presentation / CloudViews.Org Cloud Computing Conference 2009EuroCloud
 
Introducing OpenID 1.0 Protocol: Security and Performance
Introducing OpenID 1.0 Protocol: Security and PerformanceIntroducing OpenID 1.0 Protocol: Security and Performance
Introducing OpenID 1.0 Protocol: Security and PerformanceAmin Saqi
 
Session 3 introduction blockchain by franco 22 januari
Session 3 introduction blockchain by franco 22 januariSession 3 introduction blockchain by franco 22 januari
Session 3 introduction blockchain by franco 22 januariArthur Janse
 
Blockchain Essentials and Blockchain on Azure
Blockchain Essentials and Blockchain on AzureBlockchain Essentials and Blockchain on Azure
Blockchain Essentials and Blockchain on AzureNuri Cankaya
 
Consideration on Holder-of-Key Bound Token < from Financial-grade API (FAPI) ...
Consideration on Holder-of-Key Bound Token < from Financial-grade API (FAPI) ...Consideration on Holder-of-Key Bound Token < from Financial-grade API (FAPI) ...
Consideration on Holder-of-Key Bound Token < from Financial-grade API (FAPI) ...Hitachi, Ltd. OSS Solution Center.
 
Single-Page-Application & REST security
Single-Page-Application & REST securitySingle-Page-Application & REST security
Single-Page-Application & REST securityIgor Bossenko
 
Python, Blockchain, and Byte-Size Change
Python, Blockchain, and Byte-Size ChangePython, Blockchain, and Byte-Size Change
Python, Blockchain, and Byte-Size ChangePortia Burton
 
Soa Symposium Expressing Service Capabilities Uniformly 2009 10 14 Bc
Soa Symposium Expressing Service Capabilities Uniformly 2009 10 14 BcSoa Symposium Expressing Service Capabilities Uniformly 2009 10 14 Bc
Soa Symposium Expressing Service Capabilities Uniformly 2009 10 14 BcfuzzyBSc
 
TBD - Sept 13, 2018 - Signed messages in ethereum - destry saul
TBD - Sept 13, 2018 - Signed messages in ethereum - destry saulTBD - Sept 13, 2018 - Signed messages in ethereum - destry saul
TBD - Sept 13, 2018 - Signed messages in ethereum - destry saulDestry Saul
 
Algorand Smart Contracts
Algorand Smart ContractsAlgorand Smart Contracts
Algorand Smart Contractsssusercc3bf81
 
Whitepaper: What You Should Know About eSignature Law
Whitepaper: What You Should Know About eSignature LawWhitepaper: What You Should Know About eSignature Law
Whitepaper: What You Should Know About eSignature LawDocuSign
 
R3Corda - Architecture Overview - Concepts and Components
R3Corda - Architecture Overview - Concepts and ComponentsR3Corda - Architecture Overview - Concepts and Components
R3Corda - Architecture Overview - Concepts and ComponentsGokul Alex
 

Similar to Introduction to OpenID TX proposed extension (20)

Primer to smart contracts, smart property, trustless asset management
Primer to smart contracts, smart property, trustless asset managementPrimer to smart contracts, smart property, trustless asset management
Primer to smart contracts, smart property, trustless asset management
 
Nat Sakimura Presentation / CloudViews.Org Cloud Computing Conference 2009
Nat Sakimura Presentation / CloudViews.Org Cloud Computing Conference 2009Nat Sakimura Presentation / CloudViews.Org Cloud Computing Conference 2009
Nat Sakimura Presentation / CloudViews.Org Cloud Computing Conference 2009
 
OAuth 2
OAuth 2OAuth 2
OAuth 2
 
Introducing OpenID 1.0 Protocol: Security and Performance
Introducing OpenID 1.0 Protocol: Security and PerformanceIntroducing OpenID 1.0 Protocol: Security and Performance
Introducing OpenID 1.0 Protocol: Security and Performance
 
1. ibm blockchain explained
1. ibm blockchain explained1. ibm blockchain explained
1. ibm blockchain explained
 
Session 3 introduction blockchain by franco 22 januari
Session 3 introduction blockchain by franco 22 januariSession 3 introduction blockchain by franco 22 januari
Session 3 introduction blockchain by franco 22 januari
 
Blockchain Essentials and Blockchain on Azure
Blockchain Essentials and Blockchain on AzureBlockchain Essentials and Blockchain on Azure
Blockchain Essentials and Blockchain on Azure
 
Consideration on Holder-of-Key Bound Token < from Financial-grade API (FAPI) ...
Consideration on Holder-of-Key Bound Token < from Financial-grade API (FAPI) ...Consideration on Holder-of-Key Bound Token < from Financial-grade API (FAPI) ...
Consideration on Holder-of-Key Bound Token < from Financial-grade API (FAPI) ...
 
Web Security
Web SecurityWeb Security
Web Security
 
Single-Page-Application & REST security
Single-Page-Application & REST securitySingle-Page-Application & REST security
Single-Page-Application & REST security
 
Python, Blockchain, and Byte-Size Change
Python, Blockchain, and Byte-Size ChangePython, Blockchain, and Byte-Size Change
Python, Blockchain, and Byte-Size Change
 
Ch17
Ch17Ch17
Ch17
 
HTTPS
HTTPSHTTPS
HTTPS
 
Soa Symposium Expressing Service Capabilities Uniformly 2009 10 14 Bc
Soa Symposium Expressing Service Capabilities Uniformly 2009 10 14 BcSoa Symposium Expressing Service Capabilities Uniformly 2009 10 14 Bc
Soa Symposium Expressing Service Capabilities Uniformly 2009 10 14 Bc
 
TBD - Sept 13, 2018 - Signed messages in ethereum - destry saul
TBD - Sept 13, 2018 - Signed messages in ethereum - destry saulTBD - Sept 13, 2018 - Signed messages in ethereum - destry saul
TBD - Sept 13, 2018 - Signed messages in ethereum - destry saul
 
ch17.ppt
ch17.pptch17.ppt
ch17.ppt
 
Algorand Smart Contracts
Algorand Smart ContractsAlgorand Smart Contracts
Algorand Smart Contracts
 
Whitepaper: What You Should Know About eSignature Law
Whitepaper: What You Should Know About eSignature LawWhitepaper: What You Should Know About eSignature Law
Whitepaper: What You Should Know About eSignature Law
 
R3Corda - Architecture Overview - Concepts and Components
R3Corda - Architecture Overview - Concepts and ComponentsR3Corda - Architecture Overview - Concepts and Components
R3Corda - Architecture Overview - Concepts and Components
 
SSL
SSLSSL
SSL
 

More from Nat Sakimura

FAPI and beyond - よりよいセキュリティのために
FAPI and beyond - よりよいセキュリティのためにFAPI and beyond - よりよいセキュリティのために
FAPI and beyond - よりよいセキュリティのためにNat Sakimura
 
OpenID in the Digital ID Landscape: A Perspective From the Past to the Future
OpenID in the Digital ID Landscape: A Perspective From the Past to the FutureOpenID in the Digital ID Landscape: A Perspective From the Past to the Future
OpenID in the Digital ID Landscape: A Perspective From the Past to the FutureNat Sakimura
 
170724 JP/UK Open Banking Summit English Translation
170724 JP/UK Open Banking Summit English Translation170724 JP/UK Open Banking Summit English Translation
170724 JP/UK Open Banking Summit English TranslationNat Sakimura
 
Introduction to 
the FAPI Read & Write OAuth Profile - Jan 2018 Updates
Introduction to 
the FAPI Read & Write OAuth Profile - Jan 2018 UpdatesIntroduction to 
the FAPI Read & Write OAuth Profile - Jan 2018 Updates
Introduction to 
the FAPI Read & Write OAuth Profile - Jan 2018 UpdatesNat Sakimura
 
Introduction to the FAPI Read & Write OAuth Profile
Introduction to the FAPI Read & Write OAuth ProfileIntroduction to the FAPI Read & Write OAuth Profile
Introduction to the FAPI Read & Write OAuth ProfileNat Sakimura
 
金融 API 時代のセキュリティ: OpenID Financial API (FAPI) WG
金融 API 時代のセキュリティ: OpenID Financial API (FAPI) WG金融 API 時代のセキュリティ: OpenID Financial API (FAPI) WG
金融 API 時代のセキュリティ: OpenID Financial API (FAPI) WGNat Sakimura
 
ブロックチェーン〜信頼の源泉の民主化のもたらす変革
ブロックチェーン〜信頼の源泉の民主化のもたらす変革ブロックチェーン〜信頼の源泉の民主化のもたらす変革
ブロックチェーン〜信頼の源泉の民主化のもたらす変革Nat Sakimura
 
Future Proofing the OAuth 2.0 Authorization Code Grant Protocol by the applic...
Future Proofing the OAuth 2.0 Authorization Code Grant Protocol by the applic...Future Proofing the OAuth 2.0 Authorization Code Grant Protocol by the applic...
Future Proofing the OAuth 2.0 Authorization Code Grant Protocol by the applic...Nat Sakimura
 
OpenID Foundation FAPI WG: June 2017 Update
OpenID Foundation FAPI WG: June 2017 UpdateOpenID Foundation FAPI WG: June 2017 Update
OpenID Foundation FAPI WG: June 2017 UpdateNat Sakimura
 
API Days 2016 Day 1: OpenID Financial API WG
API Days 2016 Day 1: OpenID Financial API WGAPI Days 2016 Day 1: OpenID Financial API WG
API Days 2016 Day 1: OpenID Financial API WGNat Sakimura
 
Financial Grade OAuth & OpenID Connect
Financial Grade OAuth & OpenID ConnectFinancial Grade OAuth & OpenID Connect
Financial Grade OAuth & OpenID ConnectNat Sakimura
 
OpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WGOpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WGNat Sakimura
 
OpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WGOpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WGNat Sakimura
 
車輪は丸くなったか?~デジタル・アイデンティティの標準化動向とそのゴール
車輪は丸くなったか?~デジタル・アイデンティティの標準化動向とそのゴール車輪は丸くなったか?~デジタル・アイデンティティの標準化動向とそのゴール
車輪は丸くなったか?~デジタル・アイデンティティの標準化動向とそのゴールNat Sakimura
 
OAuth SPOP @ IETF 91
OAuth SPOP @ IETF 91OAuth SPOP @ IETF 91
OAuth SPOP @ IETF 91Nat Sakimura
 
Oidc how it solves your problems
Oidc how it solves your problemsOidc how it solves your problems
Oidc how it solves your problemsNat Sakimura
 
Transient client secret extension
Transient client secret extensionTransient client secret extension
Transient client secret extensionNat Sakimura
 
Introduction to OpenID Connect
Introduction to OpenID Connect Introduction to OpenID Connect
Introduction to OpenID Connect Nat Sakimura
 
Nc 30 sakimura-distribution_0604
Nc 30 sakimura-distribution_0604Nc 30 sakimura-distribution_0604
Nc 30 sakimura-distribution_0604Nat Sakimura
 
Smartphone Native Application OP
Smartphone Native Application OPSmartphone Native Application OP
Smartphone Native Application OPNat Sakimura
 

More from Nat Sakimura (20)

FAPI and beyond - よりよいセキュリティのために
FAPI and beyond - よりよいセキュリティのためにFAPI and beyond - よりよいセキュリティのために
FAPI and beyond - よりよいセキュリティのために
 
OpenID in the Digital ID Landscape: A Perspective From the Past to the Future
OpenID in the Digital ID Landscape: A Perspective From the Past to the FutureOpenID in the Digital ID Landscape: A Perspective From the Past to the Future
OpenID in the Digital ID Landscape: A Perspective From the Past to the Future
 
170724 JP/UK Open Banking Summit English Translation
170724 JP/UK Open Banking Summit English Translation170724 JP/UK Open Banking Summit English Translation
170724 JP/UK Open Banking Summit English Translation
 
Introduction to 
the FAPI Read & Write OAuth Profile - Jan 2018 Updates
Introduction to 
the FAPI Read & Write OAuth Profile - Jan 2018 UpdatesIntroduction to 
the FAPI Read & Write OAuth Profile - Jan 2018 Updates
Introduction to 
the FAPI Read & Write OAuth Profile - Jan 2018 Updates
 
Introduction to the FAPI Read & Write OAuth Profile
Introduction to the FAPI Read & Write OAuth ProfileIntroduction to the FAPI Read & Write OAuth Profile
Introduction to the FAPI Read & Write OAuth Profile
 
金融 API 時代のセキュリティ: OpenID Financial API (FAPI) WG
金融 API 時代のセキュリティ: OpenID Financial API (FAPI) WG金融 API 時代のセキュリティ: OpenID Financial API (FAPI) WG
金融 API 時代のセキュリティ: OpenID Financial API (FAPI) WG
 
ブロックチェーン〜信頼の源泉の民主化のもたらす変革
ブロックチェーン〜信頼の源泉の民主化のもたらす変革ブロックチェーン〜信頼の源泉の民主化のもたらす変革
ブロックチェーン〜信頼の源泉の民主化のもたらす変革
 
Future Proofing the OAuth 2.0 Authorization Code Grant Protocol by the applic...
Future Proofing the OAuth 2.0 Authorization Code Grant Protocol by the applic...Future Proofing the OAuth 2.0 Authorization Code Grant Protocol by the applic...
Future Proofing the OAuth 2.0 Authorization Code Grant Protocol by the applic...
 
OpenID Foundation FAPI WG: June 2017 Update
OpenID Foundation FAPI WG: June 2017 UpdateOpenID Foundation FAPI WG: June 2017 Update
OpenID Foundation FAPI WG: June 2017 Update
 
API Days 2016 Day 1: OpenID Financial API WG
API Days 2016 Day 1: OpenID Financial API WGAPI Days 2016 Day 1: OpenID Financial API WG
API Days 2016 Day 1: OpenID Financial API WG
 
Financial Grade OAuth & OpenID Connect
Financial Grade OAuth & OpenID ConnectFinancial Grade OAuth & OpenID Connect
Financial Grade OAuth & OpenID Connect
 
OpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WGOpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WG
 
OpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WGOpenID Foundation Foundation Financial API (FAPI) WG
OpenID Foundation Foundation Financial API (FAPI) WG
 
車輪は丸くなったか?~デジタル・アイデンティティの標準化動向とそのゴール
車輪は丸くなったか?~デジタル・アイデンティティの標準化動向とそのゴール車輪は丸くなったか?~デジタル・アイデンティティの標準化動向とそのゴール
車輪は丸くなったか?~デジタル・アイデンティティの標準化動向とそのゴール
 
OAuth SPOP @ IETF 91
OAuth SPOP @ IETF 91OAuth SPOP @ IETF 91
OAuth SPOP @ IETF 91
 
Oidc how it solves your problems
Oidc how it solves your problemsOidc how it solves your problems
Oidc how it solves your problems
 
Transient client secret extension
Transient client secret extensionTransient client secret extension
Transient client secret extension
 
Introduction to OpenID Connect
Introduction to OpenID Connect Introduction to OpenID Connect
Introduction to OpenID Connect
 
Nc 30 sakimura-distribution_0604
Nc 30 sakimura-distribution_0604Nc 30 sakimura-distribution_0604
Nc 30 sakimura-distribution_0604
 
Smartphone Native Application OP
Smartphone Native Application OPSmartphone Native Application OP
Smartphone Native Application OP
 

Recently uploaded

SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsPrecisely
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsHyundai Motor Group
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 

Recently uploaded (20)

SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power Systems
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 

Introduction to OpenID TX proposed extension

  • 1. An Introduction to OpenID TX ver. 1.4 Nat Sakimura (=nat)‏ Nov. 11, 2008
  • 2.
  • 3.
  • 4.
  • 5.
  • 6. OpenID Login + Payment (synchronous)‏ OP(Level 1)‏ User (Browser)‏ XRDS OP(Level 2 + Payment)‏ RP(Shopping)‏ Click “Login to check out” button Find the service for level 1 auth and Level 2+Payment auth Redirect to the Level 1 auth OP AuthN with Username and password etc. Positive Assertion Show Order Form Click on “Buy” button Positive Assertion +[TX] Contract Autn with 2 nd factor etc. “ Thanks!” screen Login to Checkout taro123 ***** Buy 暗証番号 Thanks! Approval Signing Legend OpenID Authentication User AuthN OpenID (TX)‏ Approval/Signing POST Binding Redirect to L2+Payment OP with [TX]POST Contract Proposal Proposal Signing
  • 7. OpenID Login + Payment (synchronous)‏ OP(Level 1)‏ User (Browser)‏ XRDS OP(Level 2 + Payment)‏ RP(Shopping)‏ Click “Login to check out” button Find the service for level 1 auth and Level 2+Payment auth Redirect to the Level 1 auth OP AuthN with Username and password etc. Positive Assertion Show Order Form Click on “Buy” button Positive Assertion + tx.c.tatus=Pending Autn with 2 nd factor etc. “ Thanks!” screen Login to Checkout taro123 ***** Buy 暗証番号 Thanks! Approval Signing Legend OpenID Authentication User AuthN OpenID (TX)‏ Approval/Signing POST Binding Redirect to L2+Payment OP with [TX]POST Contract Proposal Proposal Signing
  • 8. Notification OP(Level 1)‏ User (Browser)‏ XRDS OP(Level 2 + Payment)‏ RP(Shopping)‏ [TX] send Contract based Request [TX] Receive Data Legend OpenID Authentication User AuthN OpenID (TX)‏ Approval/Signing [TX] Notification (status)‏ Status: Contract Complete, Data Changed, Contract terminated, ID removed [TX] Notification OP to RP notification RP to OP notification
  • 9. Data Transfer (Optional)‏ OP(Level 1)‏ User (Browser)‏ XRDS OP(Level 2 + Payment)‏ RP(Shopping)‏ [TX] GET with Contract ID + Signature [TX] Receive Data Legend OpenID Authentication User AuthN OpenID (TX)‏ Approval/Signing N.B. Although TX defines a default Data Transfer protocol, it can be substituted by any other methods as long as it is specified in the Contract.
  • 10. OpenID Login + Payment (synchronous)‏ OP(Level 1)‏ User (Browser)‏ XRDS OP(Level 2 + Payment)‏ RP(Shopping)‏ Click “Login to check out” button Find the service for level 1 auth and Level 2+Payment auth Redirect to the Level 1 auth OP AuthN with Username and password etc. Positive Assertion Show Order Form Click on “Buy” button Redirect to L2+Payment OP with Transaction ID Positive Assertion +Contract ID Autn with 2 nd factor etc. “ Thanks!” screen Login to Checkout taro123 ***** Buy 暗証番号 Thanks! Approval Signing [TX]POST Contract Proposal [TX] Transaction ID [TX] send Contract ID [TX] Receive Contract Legend OpenID Authentication User AuthN OpenID (TX)‏ Approval/Signing Artifact Binding Proposal Signing
  • 11. OpenID Login + Payment (asynchronous)‏ OP(Level 1)‏ User (Browser)‏ XRDS OP(Level 2 + Payment)‏ RP(Shopping)‏ Click “Login to check out” button Find the service for level 1 auth and Level 2+Payment auth Redirect to the Level 1 auth OP AuthN with Username and password etc. Positive Assertion Show Order Form Click on “Buy” button Redirect to L2+Payment OP with Transaction ID Positive Assertion + tx.c.tatus=Pending Autn with 2 nd factor etc. “ Thanks!” screen Login to Checkout taro123 ***** Buy 暗証番号 Thanks! Approval Signing [TX]POST Contract Proposal [TX] Transaction ID [TX] send Contract ID [TX] Receive Contract Legend OpenID Authentication User AuthN OpenID (TX)‏ Approval/Signing [TX] Completion Notification Artifact Binding Proposal Signing
  • 12.
  • 13.