Identity management on the web with Open ID
Practical and Open
OpenID is a step in the right direction for identity management. Because OpenID implements single sign-on, it becomes more convenient for users by reducing the number of passwords you need to remember. The ability to manage attributes is far more powerful than it appears at first glance.
The number of websites using OpenID continues to skyrocket, but some really big applications will still need to prove whether they fulfill all of the operative and conceptional requirements with respect to trust and availability.
Identity Management and Federation
OpenID is not the only identity management project. Feder ID , for example, is an open source project from France. One of the project's contributors, Clément Oudot, underlined the importance of digital identities for access to web resources in a recent interview with Linux Magazine.
According to Oudot, many users possess a separate identity for each website. This is major issue for large enterprises and organizations, as users need to memorize multiple passwords. Feder ID provides tools for synchronizing identity repositories. These attributes are not only available to a single local organization; they can be shared by trusted partners.
The Feder ID tools are open source licensed and comply with the IETF (Internet Engineering Task Force), OASIS (Organization for the Advancement of Structured Information Standards), and Liberty Alliance standards for identity management.
- Microsoft Passport: http://www.passport.net
- Liberty Alliance Project: http://www.projectliberty.org
- OpenID project: http://openid.net
- Myopenid (provider): http://myopenid.com
- Mediawiki extension for OpenID: http://www.mediawiki.org/wiki/Extension:OpenID
- Drupal support for OpenID: http://drupal.org/project/openid
- Open Source libraries for OpenID: http://wiki.openid.net/Libraries
- "Keeping Customers and Merchants Secure", Whitepaper, Secure Computing: http://www.securecomputing.com/webform.cfm?id=289&ref=pci
- Feder ID: http://federid.objectweb.org
Buy this article as PDF
Should you trust an online service to store your online passwords?
New B+ board lets you build cool things without the complication of a powered USB hub.
Redmond rushes in to root out alleged malware haven.
New initiative will bring futuristic virtual reality effects to the web surfing experience.
Dyreza malware launches a man-in-the-middle attack that compromises SSL.
New cloud combines worldwide access with local attention to data security.
A first cousin of the recent Heartbleed attack affects EAP-based wireless and peer-to-peer authentication.
FOSS community acts to protect freedom of choice for laptop devices.
Quintessential open source browser shores up its market share with a step toward the proprietary dark side.
Authorities in 16 countries take action against users of the imfamous BlackShades malware tool.