OPEN ID
Associate Professor, Dr: Trần Minh Triết
Presenter: Trần Tiên Tín
Võ Văn Mỹ
INTRODUCTION
• Too many usernames and passwords
• Someone took your desired username
• User profile is distributed
• Account management is difficult
• Get bored of filling in long forms again and again
With OpenID, you get to choose who manages your identity.
• “OpenID (OID) is an open standard and decentralized protocol by the non-profit OpenID Foundation that allows users to be authenticated by certain co-operating sites (known as Relying Parties or RP) using a third party service”
HISTORY
02/2014 – OpenID Connect
2009, 2013…
2008 – Yahoo announced initial OpenID 2.0 support, both as a provider and as a relying party, releasing the service by the end of the month. In early February, Google, IBM, Microsoft, VeriSign, and Yahoo! joined the OpenID Foundation as corporate board members.
2007 – Computer security company announced support for OpenID in its Identity Initiative products and services.
2006 – Submitted a proposal to formalize extensions to OpenID.
5/2005 – Brad Fitzpatrick, creator of the popular community website LiveJournal, while working at Six Apart.
HOW OPENID WORKS?
• Site fetches the HTML of my OpenID
• Finds “openid.server”
• Establishes a shared secret with the provider
• Redirects my browser to the provider, where I authenticate and allow the OpenID login
• Provider redirects my browser back to the site with an OpenID response
• Site verifies the signature and logs me in
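The last step above, "Site verifies the signature", as an added example that is not part of the original slides: it follows the OpenID 2.0 signing scheme (an HMAC, keyed with the shared association secret, over the key-value form of the fields listed in openid.signed) and rejects responses that leave required fields unsigned. The function names, the MAC key and the example.* URLs are assumptions constructed for illustration.

```python
import base64
import hashlib
import hmac

# OpenID 2.0 requires these to be listed in openid.signed (plus the identity
# fields whenever the response carries them).
MUST_SIGN = {"op_endpoint", "return_to", "response_nonce", "assoc_handle"}
IF_PRESENT = {"claimed_id", "identity"}
DIGESTS = {"HMAC-SHA1": hashlib.sha1, "HMAC-SHA256": hashlib.sha256}

def signed_payload(params):
    """One 'key:value' line per field named in openid.signed, in that order."""
    keys = params["openid.signed"].split(",")
    return "".join(f"{k}:{params['openid.' + k]}\n" for k in keys).encode()

def sign(params, mac_key, assoc_type="HMAC-SHA256"):
    mac = hmac.new(mac_key, signed_payload(params), DIGESTS[assoc_type])
    return base64.b64encode(mac.digest()).decode("ascii")

def verify_assertion(params, mac_key, assoc_type="HMAC-SHA256"):
    """Return (ok, reason) for a positive assertion received at return_to."""
    signed = set(params.get("openid.signed", "").split(","))
    needed = MUST_SIGN | {k for k in IF_PRESENT if "openid." + k in params}
    missing = sorted(needed - signed)
    if missing:
        return False, "unsigned fields: " + ",".join(missing)
    if any("openid." + k not in params for k in signed):
        return False, "signed field absent from response"
    expected = sign(params, mac_key, assoc_type).encode()
    if not hmac.compare_digest(expected, params.get("openid.sig", "").encode()):
        return False, "bad signature"
    return True, "ok"

# Constructed sample: the MAC key and every value below are made up.
MAC_KEY = b"constructed-association-mac-key"
RESPONSE = {
    "openid.mode": "id_res",
    "openid.op_endpoint": "https://op.example/auth",
    "openid.claimed_id": "https://alice.example/",
    "openid.identity": "https://alice.example/",
    "openid.return_to": "https://rp.example/return",
    "openid.response_nonce": "2014-02-26T00:00:00Zabc123",
    "openid.assoc_handle": "constructed-handle",
    "openid.signed": "op_endpoint,claimed_id,identity,return_to,"
                     "response_nonce,assoc_handle",
}
RESPONSE["openid.sig"] = sign(RESPONSE, MAC_KEY)
print(verify_assertion(RESPONSE, MAC_KEY))
```

A full relying party also checks openid.response_nonce for replay and that openid.return_to matches the URL the response arrived at; those checks are left out here.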
PROTOCOLS AND SECURITY
• Authentication: uses a URL as the identity of the user
• OpenID 2.0 uses Yadis
• Uses the Diffie-Hellman key exchange mechanism at different levels
• Uses Secure Sockets Layer (SSL)
• Generates strong MAC keys
PROTOCOLS AND SECURITY
• Authentication bugs
• Phishing
• Privacy / Trust Issue
• Authentication Hijacking in Unsecured Connection
ADVANTAGES
• Globally unique & your URL is your identity
• Fewer usernames and passwords to remember
• Many OpenID providers, like AOL, Yahoo, VeriSign Labs, myOpenID
• Can put an OpenID URL on your app also
• Profile data is stored in one place only
• Control of sharing information
• Can easily increase business
DEMO