Identity management on the web with Open ID
Practical and Open
OpenID is a step in the right direction for identity management. Because OpenID implements single sign-on, it becomes more convenient for users by reducing the number of passwords you need to remember. The ability to manage attributes is far more powerful than it appears at first glance.
The number of websites using OpenID continues to skyrocket, but some really big applications will still need to prove whether they fulfill all of the operative and conceptional requirements with respect to trust and availability.
Identity Management and Federation
OpenID is not the only identity management project. Feder ID , for example, is an open source project from France. One of the project's contributors, Clément Oudot, underlined the importance of digital identities for access to web resources in a recent interview with Linux Magazine.
According to Oudot, many users possess a separate identity for each website. This is major issue for large enterprises and organizations, as users need to memorize multiple passwords. Feder ID provides tools for synchronizing identity repositories. These attributes are not only available to a single local organization; they can be shared by trusted partners.
The Feder ID tools are open source licensed and comply with the IETF (Internet Engineering Task Force), OASIS (Organization for the Advancement of Structured Information Standards), and Liberty Alliance standards for identity management.
- Microsoft Passport: http://www.passport.net
- Liberty Alliance Project: http://www.projectliberty.org
- OpenID project: http://openid.net
- Myopenid (provider): http://myopenid.com
- Mediawiki extension for OpenID: http://www.mediawiki.org/wiki/Extension:OpenID
- Drupal support for OpenID: http://drupal.org/project/openid
- Open Source libraries for OpenID: http://wiki.openid.net/Libraries
- "Keeping Customers and Merchants Secure", Whitepaper, Secure Computing: http://www.securecomputing.com/webform.cfm?id=289&ref=pci
- Feder ID: http://federid.objectweb.org
Buy this article as PDF
New tool will look like GParted but support a wider range of storage technologies.
New public key pinning feature will help prevent man-in-the-middle attacks.
Carnegie Mellon researchers say 3 million pages could fall down the phishing hole in the next year.
The US government rolls new best-practice rules for protecting SSH.
Klaus Knopper announces the latest version of his iconic Live Linux system.
All websites that use these popular CMS tools could be vulnerable to denial of service attacks if users don't install the updates.
According to a report, many potential victims of the Heartbleed attack have patched their systems, but few have cleaned up the crime scene to protect themselves from the effects of a previous intrusion.
DARPA and NICTA release the code for the ultra-secure microkernel system used in aerial drones.
Should you trust an online service to store your online passwords?
New B+ board lets you build cool things without the complication of a powered USB hub.