Enable Windows CardSpace and Information Cards in Your Web Site
-
Upload
goodfriday -
Category
Technology
-
view
1.200 -
download
0
Transcript of Enable Windows CardSpace and Information Cards in Your Web Site
Enable Windows CardSpace and Information Cards in your web siteGarrett SerackCommunity Program ManagerMicrosoft Corporation
What's Changed?
At the core, very little Usernames and passwords still very prevalent
Graphics are a tad better
What have we learned?
Passwords shouldn’t be words like “pencil”Perhaps writing them down in a commonly accessible place isn't the wisest moveAt least we don't echo the letters back to the screen anymore Where is the accountability?
Information Cards
Instead of using shared secrets to authenticate, we can use cryptography
PPIDs are unique to the user website relationship
Websites can have a common, consistent user experience
Reduce drop-off, with simplified sign-up
Preparing your database
Information Cards
UserID PPID IssuerID
FK1
PK UniqueID
Users
FirstName LastName EmailAddress
PK UserID
Sign In Experience
Does the Browser Support
Information Cards?
Perform Client Side Detection
Web Page withoutCard Support
<html>
Card Enabled Web Page
<html>
No Yes
Sign In process
Is this card associated
with an account?
The user is signed in
Please Sign In
or
Welcome back to the website
<html>
Choose:
Associate with an existing account
Create a new account
Choose a different card
<html>
<html>
Yes No
SignIn leads to Association
Start Over
Recovery Scenario
<html>
Choose:
Associate with an existing account
Create a new account
Choose a different card
Account Creation
<html>
<html>
Association - existing accounts
Send email confirmation
Authenticate via:
Username/Password
Proof of account<html>
Choose:
Associate with an existing account
Create a new account
Choose a different card<html>
Sign In:
<html>
Association – Account Creation
Choose: Associate with an existing account
Create a new account
Choose a different card<html>
Optional validation
steps
Registration:
<html>The user is signed in
Welcometo the website
<html>
Explicit sign up
Implicit sign up
The Bandit Project and Interoperable Information CardsPat FelstedBandit Project LeadNovell, Inc.
partner
Mike JonesDir. of Identity Partnerships
Microsoft Corporation
Industry Support for Information CardsIndustry Support for Information Cards
Based entirely on open
protocolsIdentity requires
cooperation – and you’re
seeing it today!Interoperable
software being built by
Novell, IBM, Sun, Ping Identity, BMC, VeriSign, …For Linux, MacOS, mobile devices, …
With browser support
happening forFirefox, Safari, …
Bandit ProjectBandit Project
Provides loosely-coupled open
source identity components
for Authentication, Authorization, and Audit
Information Card solutions built
from these components:
Identity Selector, Identity Provider, Relying PartyOn multiple platforms
Sponsored by Novell – with
open participation
Code contributor to Higgins open source identity
project
What you just sawWhat you just saw
Multiple platforms,
browsers, and identity selectors
All signing into a Joomla relying party site
Demo scenarios:IE7 and Windows CardSpace on WindowsFirefox 2.0 and Windows CardSpace on WindowsFirefox 2.0 and Bandit Identity Selector on LinuxFirefox 2.0 and Bandit Identity Selector on the Mac
Demonstrating protocol and
program interoperability
http://cardspace.netfx3.com
http://fearthecowboy.com
http://bandit-project.org
links
© 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions,
it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.