SlideShare una empresa de Scribd logo

From "Username and Password" to InfoCard

Descargar como PPT, PDF
G
goodfriday

InfoCard can bring a new level of security to authenticating users to your site. In this session, take a deep developer look at how this can be achieved. A traditional forms-based authentication implementation is converted to use InfoCard, along with explanations of the Web services, protocols, and security considerations that one needs to understand.

TecnologíaEmpresariales
1 de 36
From Username & Password to "InfoCard" Richard Turner "InfoCard" Product Manager Microsoft Corporation Garrett Serack Program Manager Microsoft Corporation
Agenda ,[object Object],[object Object],[object Object],[object Object],[object Object]
The Imperative to Connect Suppliers & Partners Businesses Employees Friends & Family Consumers
Who Are You?
The Internet Identity Crisis ,[object Object],[object Object],[object Object],Lack of Identity Online
Phishing & Phraud ,[object Object],[object Object],Source: http://www.antiphishing.org Dec 04 Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec 05 7,197 4,630 4,367 5,242 5,259 4,564 4,280 3,326 2,854 2,870 2,625 2,560 1,707
Password Fatigue
"InfoCard" ,[object Object],[object Object],[object Object],[object Object],Easier Safer Built on WS-* Web Services Protocols
"InfoCard" cards ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Richard’s Card Woodgrove Bank
Private Desktop ,[object Object],[object Object],[object Object]
Contoso Car Rental
Participants Relying Party (website) User Identity Provider
Login with Self Issued Card Relying Party (website) User Object Tag Login
Select Self Issued Card Relying Party (website) User
Create Token from Card Relying Party (website) User
Sign, Encrypt & Send Token Relying Party (website) User
Login with Managed Card Relying Party (website) User Object Tag Identity Provider Login
Select Managed Card Relying Party (website) User Identity Provider
Request Security Token Relying Party (website) User Auth’: X509, Kerb, SIC, U/PWD … Identity Provider
Create Token from Card Relying Party (website) User Identity Provider
Sign, Encrypt & Send Token Relying Party (website) User Identity Provider
The Identity Metasystem ,[object Object],Open, inclusive, standards-based model Built upon “The Laws of Identity” "InfoCard" is a client agent within the IDMS
Building A Relying Party
Integrating with “InfoCard” ,[object Object],[object Object],[object Object],[object Object],[object Object]
1. Associate a user with a card CREATE PROCEDURE aspnet_infocard_associate (@UserId nvarchar(256), @card nvarchar (50) ) AS ... CREATE PROCEDURE aspnet_infocard_lookup (@card nvarchar (50) ) AS ...
2a. Create an association page <!-- ... --> < button onclick =&quot;javascript:return infocardlogin.submit();&quot;> Update account with your Information Card </ button > < form name =&quot;infocardlogin&quot; target =&quot;_self&quot; method =&quot;post&quot;> < object type =&quot;application/x-informationcard&quot; name =&quot;xmlToken&quot;> < param name =&quot;tokenType&quot; value =&quot;urn:oasis:names:tc:SAML:1.0:assertion&quot;> < param name =&quot;issuer“ value =&quot;http://schemas..../identity/issuer/self&quot;> < param name =&quot;requiredClaims&quot; value =&quot;http://.../claims/givenname, http://.../claims/surname, http://../claims/emailaddress, http://.../claims/privatepersonalidentifier&quot;> </ object > </ form > <!-- ... -->
2b. Create an association page public partial class Associate_aspx : System.Web.UI. Page { protected void Page_Load( object sender, EventArgs e) { // check if an xmlToken is posted string xmlToken = Request[ &quot;xmlToken&quot; ]; if (xmlToken != null ) { TokenHelper tokenHelper = new TokenHelper (xmlToken); // get the unique id string uniqueID = tokenHelper.getUniqueID(); if (uniqueID != null && uniqueID != &quot;&quot; ) { //store it with the account. MembershipUser user = Membership .GetUser(); MembershipHelper .AssociateUser( user.UserName, uniqueID ); } } } }
3a. Update the sign in page <!-- ... --> < button onclick =&quot;javascript:return infocardlogin.submit();&quot;> Sign in with your Information Card </ button > < form name =&quot;infocardlogin&quot; target =&quot;_self&quot; method =&quot;post&quot;> < object type =&quot;application/x-informationcard&quot; name =&quot;xmlToken&quot;> < param name =&quot;tokenType&quot; value =&quot;urn:oasis:names:tc:SAML:1.0:assertion&quot;> < param name =&quot;issuer“ value =&quot;http://schemas..../identity/issuer/self&quot;> < param name =&quot;requiredClaims&quot; value =&quot;http://.../claims/givenname, http://.../claims/surname, http://../claims/emailaddress, http://.../claims/privatepersonalidentifier&quot;> </ object > </ form > <!-- ... -->
3b. Update the sign in page public partial class Login_aspx : System.Web.UI. Page { protected void Page_Load( object sender, EventArgs e) { string xmlToken = Request[ &quot;xmlToken&quot; ]; TokenHelper tokenHelper = new TokenHelper (xmlToken); // Lookup the account using the uniqueId string username = MembershipHelper .GetUser( tokenHelper.getUniqueID()); if (username != null ) { MembershipUser user = Membership .GetUser(username); // give the cookie back to the browser. FormsAuthentication .SetLoginCookie(user.UserName, false ); } } }
4a. Update the registration page <!-- ... --> < button onclick =&quot;javascript:return infocardlogin.submit();&quot;> Register with your Information Card </ button > < form name =&quot;infocardlogin&quot; target =&quot;_self&quot; method =&quot;post&quot;> < object type =&quot;application/x-informationcard&quot; name =&quot;xmlToken&quot;> < param name =&quot;tokenType&quot; value =&quot;urn:oasis:names:tc:SAML:1.0:assertion&quot;> < param name =&quot;issuer“ value =&quot;http://schemas..../identity/issuer/self&quot;> < param name =&quot;requiredClaims&quot; value =&quot;http://.../claims/givenname, http://.../claims/surname, http://../claims/emailaddress, http://.../claims/privatepersonalidentifier&quot;> </ object > </ form > <!-- ... -->
4b. Update the registration page // ... string xmlToken = Request[ &quot;xmlToken&quot; ]; TokenHelper tokenHelper = new TokenHelper (xmlToken); string uniqueId = tokenHelper.getUniqueID(); string emailAddress = tokenHelper.GetClaim( “ http://schemas.../emailaddress ”); string username = tokenHelper.GetClaim( “ http://schemas.../givenname ”); if (username != null ) { MembershipUser user = CreateUser( name , emailAddress ,... ); MembershipHelper .AssociateUser( user.UserName, uniqueID ); } // ...
Summary
WinFX: .NET to the core
Getting WinFX & &quot;InfoCard&quot; ,[object Object],[object Object],[object Object],[object Object],[object Object],Q2 Q3 Q1 2006 Q2 Q4 Q1 2005 Q3 Q4 B1 CTP V1 RTM
&quot;InfoCard&quot; Summary Labs available in the MIX Sandbox! Consistent authentication for digital identities Reduces chances of being phished Adopting takes little developer effort
© 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.

Recomendados

OAuth 2.0
OAuth 2.0OAuth 2.0
OAuth 2.0
Mihir Shah
 
My Reading Specs - Refactoring Patterns for Gherkin Scenarios
My Reading Specs - Refactoring Patterns for Gherkin ScenariosMy Reading Specs - Refactoring Patterns for Gherkin Scenarios
My Reading Specs - Refactoring Patterns for Gherkin Scenarios
John Ferguson Smart Limited
 
OAuth 2 Presentation
OAuth 2 PresentationOAuth 2 Presentation
OAuth 2 Presentation
Mohamed Ahmed Abdullah
 
Php Form
Php FormPhp Form
Php Form
lotlot
 
Web I - 04 - Forms
Web I - 04 - FormsWeb I - 04 - Forms
Web I - 04 - Forms
Randy Connolly
 
Auction Portal
Auction PortalAuction Portal
Auction Portal
Priyatham Bollimpalli
 
Help your library be omnipresent without spending a
Help your library be omnipresent without spending aHelp your library be omnipresent without spending a
Help your library be omnipresent without spending a
Nina McHale
 
The Many Flavors of OAuth - Understand Everything About OAuth2
The Many Flavors of OAuth - Understand Everything About OAuth2The Many Flavors of OAuth - Understand Everything About OAuth2
The Many Flavors of OAuth - Understand Everything About OAuth2
Khor SoonHin
 

Recomendados

OAuth 2.0
OAuth 2.0OAuth 2.0
OAuth 2.0
Mihir Shah
 
My Reading Specs - Refactoring Patterns for Gherkin Scenarios
My Reading Specs - Refactoring Patterns for Gherkin ScenariosMy Reading Specs - Refactoring Patterns for Gherkin Scenarios
My Reading Specs - Refactoring Patterns for Gherkin Scenarios
John Ferguson Smart Limited
 
OAuth 2 Presentation
OAuth 2 PresentationOAuth 2 Presentation
OAuth 2 Presentation
Mohamed Ahmed Abdullah
 
Php Form
Php FormPhp Form
Php Form
lotlot
 
Web I - 04 - Forms
Web I - 04 - FormsWeb I - 04 - Forms
Web I - 04 - Forms
Randy Connolly
 
Auction Portal
Auction PortalAuction Portal
Auction Portal
Priyatham Bollimpalli
 
Help your library be omnipresent without spending a
Help your library be omnipresent without spending aHelp your library be omnipresent without spending a
Help your library be omnipresent without spending a
Nina McHale
 
The Many Flavors of OAuth - Understand Everything About OAuth2
The Many Flavors of OAuth - Understand Everything About OAuth2The Many Flavors of OAuth - Understand Everything About OAuth2
The Many Flavors of OAuth - Understand Everything About OAuth2
Khor SoonHin
 
Quick Referance to WML
Quick Referance to WMLQuick Referance to WML
Quick Referance to WML
Nitin Saswade
 
Grddl In A Nutshell V1
Grddl In A Nutshell V1Grddl In A Nutshell V1
Grddl In A Nutshell V1
Fabien Gandon
 
Building Secure Twitter Apps
Building Secure Twitter AppsBuilding Secure Twitter Apps
Building Secure Twitter Apps
Damon Cortesi
 
HTML5 Web Forms
HTML5 Web FormsHTML5 Web Forms
HTML5 Web Forms
Estelle Weyl
 
Getting the Most Out of OpenSocial Gadgets
Getting the Most Out of OpenSocial GadgetsGetting the Most Out of OpenSocial Gadgets
Getting the Most Out of OpenSocial Gadgets
Atlassian
 
Opensocial Codelab
Opensocial CodelabOpensocial Codelab
Opensocial Codelab
Pieter De Schepper
 
Ajax On S2 Odp
Ajax On S2 OdpAjax On S2 Odp
Ajax On S2 Odp
ghessler
 
Web Security Mistakes: Trusting The Client
Web Security Mistakes: Trusting The ClientWeb Security Mistakes: Trusting The Client
Web Security Mistakes: Trusting The Client
grutz
 
YQL talk at OHD Jakarta
YQL talk at OHD JakartaYQL talk at OHD Jakarta
YQL talk at OHD Jakarta
Michael Smith Jr.
 
Ajax ons2
Ajax ons2Ajax ons2
Ajax ons2
Chad Davis
 
Zend Form Tutorial
Zend Form TutorialZend Form Tutorial
Zend Form Tutorial
Michelangelo van Dam
 
OpenSocial - GTUG Stockholm Meeting Oct 1 2009
OpenSocial - GTUG Stockholm Meeting Oct 1 2009OpenSocial - GTUG Stockholm Meeting Oct 1 2009
OpenSocial - GTUG Stockholm Meeting Oct 1 2009
Jacob Gyllenstierna
 
Widgets Tools Keynote
Widgets Tools KeynoteWidgets Tools Keynote
Widgets Tools Keynote
Michael Mahemoff
 
Neil Patel - What You Need to be Measuring and How to Do It
Neil Patel - What You Need to be Measuring and How to Do ItNeil Patel - What You Need to be Measuring and How to Do It
Neil Patel - What You Need to be Measuring and How to Do It
Carsonified Team
 
Lecture3
Lecture3Lecture3
Lecture3
Châu Thanh Chương
 
External Data Access with jQuery
External Data Access with jQueryExternal Data Access with jQuery
External Data Access with jQuery
Doncho Minkov
 
Symfony2
Symfony2Symfony2
Symfony2
mdpatrick
 
Form Validation
Form ValidationForm Validation
Form Validation
Graeme Smith
 
Krazykoder struts2 data_tags
Krazykoder struts2 data_tagsKrazykoder struts2 data_tags
Krazykoder struts2 data_tags
Krazy Koder
 
03 handling requests
03 handling requests03 handling requests
03 handling requests
dhrubo kayal
 
Narine Presentations 20051021 134052
Narine Presentations 20051021 134052Narine Presentations 20051021 134052
Narine Presentations 20051021 134052
goodfriday
 
Triunemar05
Triunemar05Triunemar05
Triunemar05
goodfriday
 

Más contenido relacionado

Similar a From "Username and Password" to InfoCard

HTML5 Web Forms
HTML5 Web FormsHTML5 Web Forms
HTML5 Web Forms
Estelle Weyl
 
Getting the Most Out of OpenSocial Gadgets
Getting the Most Out of OpenSocial GadgetsGetting the Most Out of OpenSocial Gadgets
Getting the Most Out of OpenSocial Gadgets
Atlassian
 
External Data Access with jQuery
External Data Access with jQueryExternal Data Access with jQuery
External Data Access with jQuery
Doncho Minkov
 
Krazykoder struts2 data_tags
Krazykoder struts2 data_tagsKrazykoder struts2 data_tags
Krazykoder struts2 data_tags
Krazy Koder
 
03 handling requests
03 handling requests03 handling requests
03 handling requests
dhrubo kayal
 

Similar a From "Username and Password" to InfoCard (20)

Quick Referance to WML
Quick Referance to WMLQuick Referance to WML
Quick Referance to WML
 
Grddl In A Nutshell V1
Grddl In A Nutshell V1Grddl In A Nutshell V1
Grddl In A Nutshell V1
 
Building Secure Twitter Apps
Building Secure Twitter AppsBuilding Secure Twitter Apps
Building Secure Twitter Apps
 
HTML5 Web Forms
HTML5 Web FormsHTML5 Web Forms
HTML5 Web Forms
 
Getting the Most Out of OpenSocial Gadgets
Getting the Most Out of OpenSocial GadgetsGetting the Most Out of OpenSocial Gadgets
Getting the Most Out of OpenSocial Gadgets
 
Opensocial Codelab
Opensocial CodelabOpensocial Codelab
Opensocial Codelab
 
Ajax On S2 Odp
Ajax On S2 OdpAjax On S2 Odp
Ajax On S2 Odp
 
Web Security Mistakes: Trusting The Client
Web Security Mistakes: Trusting The ClientWeb Security Mistakes: Trusting The Client
Web Security Mistakes: Trusting The Client
 
YQL talk at OHD Jakarta
YQL talk at OHD JakartaYQL talk at OHD Jakarta
YQL talk at OHD Jakarta
 
Ajax ons2
Ajax ons2Ajax ons2
Ajax ons2
 
Zend Form Tutorial
Zend Form TutorialZend Form Tutorial
Zend Form Tutorial
 
OpenSocial - GTUG Stockholm Meeting Oct 1 2009
OpenSocial - GTUG Stockholm Meeting Oct 1 2009OpenSocial - GTUG Stockholm Meeting Oct 1 2009
OpenSocial - GTUG Stockholm Meeting Oct 1 2009
 
Widgets Tools Keynote
Widgets Tools KeynoteWidgets Tools Keynote
Widgets Tools Keynote
 
Neil Patel - What You Need to be Measuring and How to Do It
Neil Patel - What You Need to be Measuring and How to Do ItNeil Patel - What You Need to be Measuring and How to Do It
Neil Patel - What You Need to be Measuring and How to Do It
 
Lecture3
Lecture3Lecture3
Lecture3
 
External Data Access with jQuery
External Data Access with jQueryExternal Data Access with jQuery
External Data Access with jQuery
 
Symfony2
Symfony2Symfony2
Symfony2
 
Form Validation
Form ValidationForm Validation
Form Validation
 
Krazykoder struts2 data_tags
Krazykoder struts2 data_tagsKrazykoder struts2 data_tags
Krazykoder struts2 data_tags
 
03 handling requests
03 handling requests03 handling requests
03 handling requests
 

Más de goodfriday

Narine Presentations 20051021 134052
Narine Presentations 20051021 134052Narine Presentations 20051021 134052
Narine Presentations 20051021 134052
goodfriday
 
09 03 22 easter
09 03 22 easter09 03 22 easter
09 03 22 easter
goodfriday
 
Holy Week Easter 2009
Holy Week Easter 2009Holy Week Easter 2009
Holy Week Easter 2009
goodfriday
 
Holt Park Easter 09 Swim
Holt Park Easter 09 SwimHolt Park Easter 09 Swim
Holt Park Easter 09 Swim
goodfriday
 
Swarthmore Lentbrochure20092
Swarthmore Lentbrochure20092Swarthmore Lentbrochure20092
Swarthmore Lentbrochure20092
goodfriday
 
Eastercard2009
Eastercard2009Eastercard2009
Eastercard2009
goodfriday
 
Easterservices2009
Easterservices2009Easterservices2009
Easterservices2009
goodfriday
 
Bulletin Current
Bulletin CurrentBulletin Current
Bulletin Current
goodfriday
 
March 2009 Newsletter
March 2009 NewsletterMarch 2009 Newsletter
March 2009 Newsletter
goodfriday
 
Lent Easter 2009
Lent Easter 2009Lent Easter 2009
Lent Easter 2009
goodfriday
 
Easterpowersports09
Easterpowersports09Easterpowersports09
Easterpowersports09
goodfriday
 
Easter Trading 09
Easter Trading 09Easter Trading 09
Easter Trading 09
goodfriday
 
Easter Brochure 2009
Easter Brochure 2009Easter Brochure 2009
Easter Brochure 2009
goodfriday
 
March April 2009 Calendar
March April 2009 CalendarMarch April 2009 Calendar
March April 2009 Calendar
goodfriday
 

Más de goodfriday (20)

Narine Presentations 20051021 134052
Narine Presentations 20051021 134052Narine Presentations 20051021 134052
Narine Presentations 20051021 134052
 
Triunemar05
Triunemar05Triunemar05
Triunemar05
 
09 03 22 easter
09 03 22 easter09 03 22 easter
09 03 22 easter
 
Holy Week Easter 2009
Holy Week Easter 2009Holy Week Easter 2009
Holy Week Easter 2009
 
Holt Park Easter 09 Swim
Holt Park Easter 09 SwimHolt Park Easter 09 Swim
Holt Park Easter 09 Swim
 
Easter Letter
Easter LetterEaster Letter
Easter Letter
 
April2009
April2009April2009
April2009
 
Swarthmore Lentbrochure20092
Swarthmore Lentbrochure20092Swarthmore Lentbrochure20092
Swarthmore Lentbrochure20092
 
Eastercard2009
Eastercard2009Eastercard2009
Eastercard2009
 
Easterservices2009
Easterservices2009Easterservices2009
Easterservices2009
 
Bulletin Current
Bulletin CurrentBulletin Current
Bulletin Current
 
Easter2009
Easter2009Easter2009
Easter2009
 
Bulletin
BulletinBulletin
Bulletin
 
March 2009 Newsletter
March 2009 NewsletterMarch 2009 Newsletter
March 2009 Newsletter
 
Mar 29 2009
Mar 29 2009Mar 29 2009
Mar 29 2009
 
Lent Easter 2009
Lent Easter 2009Lent Easter 2009
Lent Easter 2009
 
Easterpowersports09
Easterpowersports09Easterpowersports09
Easterpowersports09
 
Easter Trading 09
Easter Trading 09Easter Trading 09
Easter Trading 09
 
Easter Brochure 2009
Easter Brochure 2009Easter Brochure 2009
Easter Brochure 2009
 
March April 2009 Calendar
March April 2009 CalendarMarch April 2009 Calendar
March April 2009 Calendar
 

Último

Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
Overkill Security
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Angeliki Cooney
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
Overkill Security
 

Último (20)

ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 

From "Username and Password" to InfoCard

  • 1. From Username & Password to &quot;InfoCard&quot; Richard Turner &quot;InfoCard&quot; Product Manager Microsoft Corporation Garrett Serack Program Manager Microsoft Corporation
  • 2.
  • 3. The Imperative to Connect Suppliers & Partners Businesses Employees Friends & Family Consumers
  • 5.
  • 6.
  • 8.
  • 9.
  • 10.
  • 12. Participants Relying Party (website) User Identity Provider
  • 13. Login with Self Issued Card Relying Party (website) User Object Tag Login
  • 14. Select Self Issued Card Relying Party (website) User
  • 15. Create Token from Card Relying Party (website) User
  • 16. Sign, Encrypt & Send Token Relying Party (website) User
  • 17. Login with Managed Card Relying Party (website) User Object Tag Identity Provider Login
  • 18. Select Managed Card Relying Party (website) User Identity Provider
  • 19. Request Security Token Relying Party (website) User Auth’: X509, Kerb, SIC, U/PWD … Identity Provider
  • 20. Create Token from Card Relying Party (website) User Identity Provider
  • 21. Sign, Encrypt & Send Token Relying Party (website) User Identity Provider
  • 22.
  • 24.
  • 25. 1. Associate a user with a card CREATE PROCEDURE aspnet_infocard_associate (@UserId nvarchar(256), @card nvarchar (50) ) AS ... CREATE PROCEDURE aspnet_infocard_lookup (@card nvarchar (50) ) AS ...
  • 26. 2a. Create an association page <!-- ... --> < button onclick =&quot;javascript:return infocardlogin.submit();&quot;> Update account with your Information Card </ button > < form name =&quot;infocardlogin&quot; target =&quot;_self&quot; method =&quot;post&quot;> < object type =&quot;application/x-informationcard&quot; name =&quot;xmlToken&quot;> < param name =&quot;tokenType&quot; value =&quot;urn:oasis:names:tc:SAML:1.0:assertion&quot;> < param name =&quot;issuer“ value =&quot;http://schemas..../identity/issuer/self&quot;> < param name =&quot;requiredClaims&quot; value =&quot;http://.../claims/givenname, http://.../claims/surname, http://../claims/emailaddress, http://.../claims/privatepersonalidentifier&quot;> </ object > </ form > <!-- ... -->
  • 27. 2b. Create an association page public partial class Associate_aspx : System.Web.UI. Page { protected void Page_Load( object sender, EventArgs e) { // check if an xmlToken is posted string xmlToken = Request[ &quot;xmlToken&quot; ]; if (xmlToken != null ) { TokenHelper tokenHelper = new TokenHelper (xmlToken); // get the unique id string uniqueID = tokenHelper.getUniqueID(); if (uniqueID != null && uniqueID != &quot;&quot; ) { //store it with the account. MembershipUser user = Membership .GetUser(); MembershipHelper .AssociateUser( user.UserName, uniqueID ); } } } }
  • 28. 3a. Update the sign in page <!-- ... --> < button onclick =&quot;javascript:return infocardlogin.submit();&quot;> Sign in with your Information Card </ button > < form name =&quot;infocardlogin&quot; target =&quot;_self&quot; method =&quot;post&quot;> < object type =&quot;application/x-informationcard&quot; name =&quot;xmlToken&quot;> < param name =&quot;tokenType&quot; value =&quot;urn:oasis:names:tc:SAML:1.0:assertion&quot;> < param name =&quot;issuer“ value =&quot;http://schemas..../identity/issuer/self&quot;> < param name =&quot;requiredClaims&quot; value =&quot;http://.../claims/givenname, http://.../claims/surname, http://../claims/emailaddress, http://.../claims/privatepersonalidentifier&quot;> </ object > </ form > <!-- ... -->
  • 29. 3b. Update the sign in page public partial class Login_aspx : System.Web.UI. Page { protected void Page_Load( object sender, EventArgs e) { string xmlToken = Request[ &quot;xmlToken&quot; ]; TokenHelper tokenHelper = new TokenHelper (xmlToken); // Lookup the account using the uniqueId string username = MembershipHelper .GetUser( tokenHelper.getUniqueID()); if (username != null ) { MembershipUser user = Membership .GetUser(username); // give the cookie back to the browser. FormsAuthentication .SetLoginCookie(user.UserName, false ); } } }
  • 30. 4a. Update the registration page <!-- ... --> < button onclick =&quot;javascript:return infocardlogin.submit();&quot;> Register with your Information Card </ button > < form name =&quot;infocardlogin&quot; target =&quot;_self&quot; method =&quot;post&quot;> < object type =&quot;application/x-informationcard&quot; name =&quot;xmlToken&quot;> < param name =&quot;tokenType&quot; value =&quot;urn:oasis:names:tc:SAML:1.0:assertion&quot;> < param name =&quot;issuer“ value =&quot;http://schemas..../identity/issuer/self&quot;> < param name =&quot;requiredClaims&quot; value =&quot;http://.../claims/givenname, http://.../claims/surname, http://../claims/emailaddress, http://.../claims/privatepersonalidentifier&quot;> </ object > </ form > <!-- ... -->
  • 31. 4b. Update the registration page // ... string xmlToken = Request[ &quot;xmlToken&quot; ]; TokenHelper tokenHelper = new TokenHelper (xmlToken); string uniqueId = tokenHelper.getUniqueID(); string emailAddress = tokenHelper.GetClaim( “ http://schemas.../emailaddress ”); string username = tokenHelper.GetClaim( “ http://schemas.../givenname ”); if (username != null ) { MembershipUser user = CreateUser( name , emailAddress ,... ); MembershipHelper .AssociateUser( user.UserName, uniqueID ); } // ...
  • 33. WinFX: .NET to the core
  • 34.
  • 35. &quot;InfoCard&quot; Summary Labs available in the MIX Sandbox! Consistent authentication for digital identities Reduces chances of being phished Adopting takes little developer effort
  • 36. © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.