Knock Knock - Who's There?
-
Upload
leigh-dodds -
Category
Technology
-
view
4.639 -
download
1
Transcript of Knock Knock - Who's There?
![Page 1: Knock Knock - Who's There?](https://reader034.fdocuments.in/reader034/viewer/2022042516/55d5075fbb61eb3d458b45ea/html5/thumbnails/1.jpg)
Knock, Knock – Who’s There?Towards Federated Authentication
Leigh DoddsChief Technology Officer, Ingenta
Society for Scholarly PublishingSan Francisco, June 2007
![Page 2: Knock Knock - Who's There?](https://reader034.fdocuments.in/reader034/viewer/2022042516/55d5075fbb61eb3d458b45ea/html5/thumbnails/2.jpg)
The Identity Problem
![Page 3: Knock Knock - Who's There?](https://reader034.fdocuments.in/reader034/viewer/2022042516/55d5075fbb61eb3d458b45ea/html5/thumbnails/3.jpg)
Too many passwords
…Flickr & YouTube & FaceBook & MySpace & LiveJournal & LinkedIn…
![Page 4: Knock Knock - Who's There?](https://reader034.fdocuments.in/reader034/viewer/2022042516/55d5075fbb61eb3d458b45ea/html5/thumbnails/4.jpg)
Identity Silos
![Page 5: Knock Knock - Who's There?](https://reader034.fdocuments.in/reader034/viewer/2022042516/55d5075fbb61eb3d458b45ea/html5/thumbnails/5.jpg)
Vendor Lock-In
E.g. Microsoft Passport
![Page 6: Knock Knock - Who's There?](https://reader034.fdocuments.in/reader034/viewer/2022042516/55d5075fbb61eb3d458b45ea/html5/thumbnails/6.jpg)
Single Sign-On can solve these problems
Single Sign-On = Federated Authentication
![Page 7: Knock Knock - Who's There?](https://reader034.fdocuments.in/reader034/viewer/2022042516/55d5075fbb61eb3d458b45ea/html5/thumbnails/7.jpg)
Knock, Knock
![Page 8: Knock Knock - Who's There?](https://reader034.fdocuments.in/reader034/viewer/2022042516/55d5075fbb61eb3d458b45ea/html5/thumbnails/8.jpg)
Who’s There?
![Page 9: Knock Knock - Who's There?](https://reader034.fdocuments.in/reader034/viewer/2022042516/55d5075fbb61eb3d458b45ea/html5/thumbnails/9.jpg)
Dude..It’s Me…
![Page 10: Knock Knock - Who's There?](https://reader034.fdocuments.in/reader034/viewer/2022042516/55d5075fbb61eb3d458b45ea/html5/thumbnails/10.jpg)
Who Says?
![Page 11: Knock Knock - Who's There?](https://reader034.fdocuments.in/reader034/viewer/2022042516/55d5075fbb61eb3d458b45ea/html5/thumbnails/11.jpg)
Er…Ask That Guy…
![Page 12: Knock Knock - Who's There?](https://reader034.fdocuments.in/reader034/viewer/2022042516/55d5075fbb61eb3d458b45ea/html5/thumbnails/12.jpg)
![Page 13: Knock Knock - Who's There?](https://reader034.fdocuments.in/reader034/viewer/2022042516/55d5075fbb61eb3d458b45ea/html5/thumbnails/13.jpg)
Hey, do you know this guy?
![Page 14: Knock Knock - Who's There?](https://reader034.fdocuments.in/reader034/viewer/2022042516/55d5075fbb61eb3d458b45ea/html5/thumbnails/14.jpg)
Dude, that’s Leigh
![Page 15: Knock Knock - Who's There?](https://reader034.fdocuments.in/reader034/viewer/2022042516/55d5075fbb61eb3d458b45ea/html5/thumbnails/15.jpg)
Respect Mah Authoritah!
![Page 16: Knock Knock - Who's There?](https://reader034.fdocuments.in/reader034/viewer/2022042516/55d5075fbb61eb3d458b45ea/html5/thumbnails/16.jpg)
Oh, OK. Thanks
![Page 17: Knock Knock - Who's There?](https://reader034.fdocuments.in/reader034/viewer/2022042516/55d5075fbb61eb3d458b45ea/html5/thumbnails/17.jpg)
Hi, Leigh…
![Page 18: Knock Knock - Who's There?](https://reader034.fdocuments.in/reader034/viewer/2022042516/55d5075fbb61eb3d458b45ea/html5/thumbnails/18.jpg)
There’s More Than One Way to Implement This
![Page 19: Knock Knock - Who's There?](https://reader034.fdocuments.in/reader034/viewer/2022042516/55d5075fbb61eb3d458b45ea/html5/thumbnails/19.jpg)
User
Service Provider
Identity Provider
![Page 20: Knock Knock - Who's There?](https://reader034.fdocuments.in/reader034/viewer/2022042516/55d5075fbb61eb3d458b45ea/html5/thumbnails/20.jpg)
Where Things Differ…
• How do we know who the user’s Identity Provider is?
• How do the Service Providers and Identity Providers talk to one another?
• What information does the Identity Provider expose about the User?
• Can we trust the Identity Provider?
• How does the Identity Provider authenticate the user?
![Page 21: Knock Knock - Who's There?](https://reader034.fdocuments.in/reader034/viewer/2022042516/55d5075fbb61eb3d458b45ea/html5/thumbnails/21.jpg)
![Page 22: Knock Knock - Who's There?](https://reader034.fdocuments.in/reader034/viewer/2022042516/55d5075fbb61eb3d458b45ea/html5/thumbnails/22.jpg)
![Page 23: Knock Knock - Who's There?](https://reader034.fdocuments.in/reader034/viewer/2022042516/55d5075fbb61eb3d458b45ea/html5/thumbnails/23.jpg)
OpenId
• User-centric
• Simple to implement
• Growing number of open source toolkits
• Rapid adoption in web community
• Does not address trust issue
![Page 24: Knock Knock - Who's There?](https://reader034.fdocuments.in/reader034/viewer/2022042516/55d5075fbb61eb3d458b45ea/html5/thumbnails/24.jpg)
Shibboleth
• Library-centric
• Complex to implement
• Open source software plus commercial options
• Growing adoption in library and publishing communities
• Introduces element of trust
![Page 25: Knock Knock - Who's There?](https://reader034.fdocuments.in/reader034/viewer/2022042516/55d5075fbb61eb3d458b45ea/html5/thumbnails/25.jpg)
Conclusions & Further Reading
http://del.icio.us/ldodds/tag/ssp-2007-06