The document discusses the challenges of identity management in online platforms, emphasizing the issues caused by multiple passwords and identity silos. It introduces single sign-on and federated authentication as solutions, comparing OpenID and Shibboleth for implementing these systems. The author highlights trust issues with identity providers and the need for secure interactions between service providers and identity providers.

1. Knock, Knock – Who’s There? Towards Federated Authentication Leigh Dodds Chief Technology Officer, Ingenta Society for Scholarly Publishing San Francisco, June 2007

2. The Identity Problem

3. Too many passwords … Flickr & YouTube & FaceBook & MySpace & LiveJournal & LinkedIn…

4. Identity Silos

5. Vendor Lock-In E.g. Microsoft Passport

6. Single Sign-On can solve these problems Single Sign-On = Federated Authentication

7. Knock, Knock

8. Who’s There?

9. Dude..It’s Me…

10. Who Says?

11. Er…Ask That Guy…

13. Hey, do you know this guy?

14. Dude, that’s Leigh

15. Respect Mah Authoritah!

16. Oh, OK. Thanks

17. Hi, Leigh…

18. There’s More Than One Way to Implement This

19. User Service Provider Identity Provider

20. Where Things Differ… How do we know who the user’s Identity Provider is? How do the Service Providers and Identity Providers talk to one another? What information does the Identity Provider expose about the User? Can we trust the Identity Provider? How does the Identity Provider authenticate the user?

23. OpenId User-centric Simple to implement Growing number of open source toolkits Rapid adoption in web community Does not address trust issue

24. Shibboleth Library-centric Complex to implement Open source software plus commercial options Growing adoption in library and publishing communities Introduces element of trust

25. Conclusions & Further Reading http://del.icio.us/ldodds/tag/ssp-2007-06