Lynn Fy07 Q4 Msdn Events Copy

MSDN Event
Spring, 2007
Lynn Langit
Developer Evangelist
Microsoft Corporation
http://blogs.msdn.com/SoCalDevGal

Next Generation Identity Management with Windows CardSpace

What We Will Cover
- Identity Metasystem
- CardSpace in Windows Vista
- Using Information Cards

Agenda
- Identity Metasystem
- What is CardSpace?
- Information Card Protocol
- Information Card Participants
- More Security

Identity Crisis
- The Internet is dangerous! Identity theft, spoofing, phishing, phraud
- Username + password is weak and overwhelmed
- Enterprises are in identity silo hell
- www.antiphishing.org
  - 22% Stopped
  - 25% Cut back

Why an Identity MetaSystem?
- Prevent Phishing Attacks
- Prevent Identity Theft
- Reduce User Names and Passwords
- Put the User in Control

Identity Metasystem: Objectives & Characteristics
- No Single Authority
- Open Framework
- Set of Protocols
- Standards Built on SOAP and XML
- User in Control

Identity Metasystem: Seven Laws
- User Control and Consent
- Minimal Disclosure
- Justifiable Parties
- Pluralism of Operators
- Human Integration
- Consistent Experience
- Directional Identity

Identity System Model
[Diagram labels: User, Identity Provider, Relying Party, Trust, Identity Selector, Claims, Token translation]

What is CardSpace?
- No Personal Data
- Processing Engine
- Replace User Names and Passwords
- Digital Identity in CardSpace
- Built on .NET Framework 3.0

CardSpace as a Metaphor
- My Business
- My Government
- My Bank
- My School

What CardSpace Addresses
- User name/password fatigue
- Phishing and phraud
- Lack of confidence in Internet

Working with CardSpace

Protocol Drill Down
Participants: User, Client, Identity Provider (IP), Relying Party (RP)
1. Client would like to access a resource
2. RP provides identity requirements: format, claims & issuer of security token
3. Client shows which of known IPs can satisfy requirements
4. User selects an IP
5. Request to IP Security Token Service for security token providing user credentials
6. IP generates security token based on RP's requirements with display token and proof of possession for user
7. User views token and approves the release of token
8. Token is released to RP with proof of possession; RP reads claims and allows access
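
The eight steps above as a runnable sketch (an added example, not code from the presentation or from CardSpace itself). It models the RP policy, card matching in the selector, issuance of only the requested claims, user approval, and the RP's checks. HMAC with a shared key stands in for the IP's signature, proof of possession is omitted, and every name, URL, key and data value is constructed.

```python
import hashlib, hmac, json

# Constructed sample data; every name, URL and key below is hypothetical.
IP_KEYS = {"https://ip.example": b"constructed-demo-key"}  # HMAC stands in for the IP's signature
RP_POLICY = {"format": "saml-1.1", "issuer": "https://ip.example", "claims": ["email"]}  # step 2
CARDS = [
    {"ip": "https://ip.example", "formats": ["saml-1.1"], "claims": ["email", "name"]},
    {"ip": "https://other.example", "formats": ["saml-1.1"], "claims": ["name"]},
]
USER_DATA = {"email": "alice@example.com", "name": "Alice"}

def _sign(key, body):
    msg = json.dumps(body, sort_keys=True).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def matching_cards(policy, cards):
    """Step 3: offer only cards whose IP can satisfy the RP's requirements."""
    return [c for c in cards
            if c["ip"] == policy["issuer"]
            and policy["format"] in c["formats"]
            and set(policy["claims"]) <= set(c["claims"])]

def issue_token(card, policy):
    """Steps 5-6: the IP issues only the claims the RP asked for."""
    body = {"issuer": card["ip"], "format": policy["format"],
            "claims": {name: USER_DATA[name] for name in policy["claims"]}}
    return {"body": body, "sig": _sign(IP_KEYS[card["ip"]], body)}

def release(token, user_approves):
    """Step 7: the token leaves the client only after the user approves it."""
    return token if user_approves else None

def rp_accepts(token, policy):
    """Step 8: the RP checks issuer, format, signature and required claims."""
    if token is None:
        return False
    body = token["body"]
    key = IP_KEYS.get(body.get("issuer"))
    if key is None or body["issuer"] != policy["issuer"]:
        return False
    if body.get("format") != policy["format"]:
        return False
    if not hmac.compare_digest(token["sig"], _sign(key, body)):
        return False
    return set(policy["claims"]) <= set(body.get("claims", {}))

if __name__ == "__main__":
    card = matching_cards(RP_POLICY, CARDS)[0]
    print(rp_accepts(release(issue_token(card, RP_POLICY), True), RP_POLICY))
```

A token whose claims are altered after issuance, or one the user declines to release, is rejected by `rp_accepts`.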

Adding Information Card Support to a Web Site

Participants – Identity Provider
- Security Token Service
- SSL Certificate
- Information Card Creation and Provisioning
- Examples

Participants – relying party
- Policy
- Code to process token
- SSL Certificate

Participants – Clients
- Browsers: Internet Explorer, Firefox, etc.
- Non-Windows
- Rich Clients

Converting a Traditional Web Site to Accept Information Cards

Extended Value SSL Certificates
- Better End User feedback
- More Secure
- Implemented in Internet Explorer 7
- Extends SSL

Accessing multiple web sites with a single Information Card

Session Summary
- An Identity Metasystem Is Needed
- The Framework Is In Place
- Need More Participants

Resources
- CardSpace samples and articles: http://cardspace.netfx3.com
- The Identity Metasystem: http://www.identityblog.com
- MSDN Events Resources: http://www.msdnevents.com/resources