David Recordon
ABSTRACT
With the advancement in user-centric and URI-based identity systems over the past two years, it has become clear that a single specification will not be the solution to all problems. Rather, like the other layers of the Internet, developing small, interoperable specifications that are independently implementable and useful will ultimately lead to market adoption of these technologies. This is the intent of the OpenID framework. OpenID Authentication 1.0 began as a lightweight HTTP-based URL authentication protocol. OpenID Authentication 2.0 it is now turning into an open community-driven platform that allows and encourages innovation. It supports both URLs and XRIs as user identifiers, uses Yadis XRDS documents for identity service discovery, adds stronger security, and supports both public and private identifiers. With continuing convergence under this broad umbrella, the OpenID framework is emerging as a viable solution for Internet-scale user-centric identity infrastructure.
- K. Cameron, The Laws of Identity, http://www.identityblog.com/?page_id=354, May 2005.]]Google Scholar
- D. Recordon and B. Fitzpatrick, OpenID Authentication 1.1, http://www.openid.net/specs/openid-authentication-1_1.txt, May 2006]]Google Scholar
- T. Berners-Lee, L. Masinter, M. McCahill, Uniform Resource Locators, http://www.ietf.org/rfc/rfc1738.txt, December 1994.]] Google ScholarDigital Library
- S. Cantor et al, Assertions and Protocols for the OASIS Security Assertion Markup Language (SAML) V2.0, OASIS Standard, http://docs.oasis-open.org/security/saml/v2.0/saml-core-2.0-os.pdf, March 2005.]]Google Scholar
- D. Reed, D. McAlpin, Extensible Resource Identifier Syntax 2.0, OASIS Committee Specification, OASIS XRI Technical Committee, http://www.oasis-open.org/committees/download.php/15377, November 2005]]Google Scholar
- G. Wachob et al, Extensible Resource Identifier Resolution 2.0, Working Draft 10, (Work In Progress), OASIS XRI Technical Committee, http://www.oasis-open.org/committees/xri , March 2005]]Google Scholar
- J. Miller, Yadis 1.0, http://yadis.org/papers/yadis-v1.0.pdf, March 2006]]Google Scholar
- D. Hardt et al, OpenID Attribute Exchange 1.0 -- Draft 1, http://openid.net/specs/openid-attribute-exchange-1_0-01.txt, August 2006]]Google Scholar
- J. Merrells et al, DIX: Digital Identity Exchange Protocol, http://dixs.org/index.php/DIX_Protocol_Internet_Drafts, May 2006]]Google Scholar
- J. Hoyt et al, OpenID Simple Registration Extension 1.0, http://openid.net/specs/openid-simple-registration-extension-1_0.txt, June 2006]]Google Scholar
Index Terms
- OpenID 2.0: a platform for user-centric identity management
Recommendations
Hierarchy openid
E-ACTIVITIES'09/ISP'09: Proceedings of the 8th WSEAS International Conference on E-Activities and information security and privacyThe explosive developments of web services provide convenience of anytime, anywhere the service for users. However, the evolution of web service to its users provides the burden of a number of identity and password pair management. To solve such a ...
Session-based security enhancement of RFID systems for emerging open-loop applications
Radio frequency identification (RFID) is an important technique used for automatic identification and data capture. In recent years, low-cost RFID tags have been used in many open-loop applications beyond supply chain management, such as the tagging of ...
Enhancing and Evaluating Identity Privacy and Authentication Strength by Utilizing the Identity Ecosystem
WPES'18: Proceedings of the 2018 Workshop on Privacy in the Electronic SocietyThis paper presents a novel research model of identity and the use of this model to answer some interesting research questions. Information travels in the cyber world, not only bringing us convenience and prosperity but also jeopardy. Protecting this ...
Comments