OpenID Connect 1.0 is a profile of OAUTH 2.0, an IETF Internet Draft. The OpenID Foundation Members include Google, Microsoft and Yahoo. This group collectively serves a critical mass of American consumers, and if they support one method of authentication, there will be an overwhelming advantage for web sites to adopt it.
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The future of cloud identity
1. After a decade of creating a multitude of online accounts, with a plethora of usernames
and passwords, most people will welcome some form of identity consolidation. Cas single
sign on will whittle that down to just one, allowing you to use your email address to
identify yourself online and to authenticate.
OpenID Connect 1.0 is a profile of OAUTH 2.0, an IETF Internet Draft. The OpenID
Foundation Members include Google, Microsoft and Yahoo. This group collectively serves
a critical mass of American consumers, and if they support one method of
authentication, there will be an overwhelming advantage for web sites to adopt it.
By using your email to identify yourself on the web, OpenID Connect 1.0 will enable web
sites to send a request to your domain to confirm that you are authenticated. It also
defines how to grant access to certain resources, such as your profile or your list of
friends. The standard is a win-win for consumers and web sites.
OpenID Connect has the potential to be one of the pillars that will enable the NSTIC
vision to realize a safer Internet for consumers. With fewer web-based accounts to
manage, consumers will have an incentive to invest in stronger authentication
technologies, and there will be fewer passwords on the Internet for hackers to steal.
2. I like to compare the first version of OpenID to the Vikings. The Vikings were able to
cross the North Atlantic 600 years before other Europeans, but made no permanent
settlements in North America. In 2005, the first version of OpenID was the Viking of
consumer federated identity: it was groundbreaking, but other than a few abandoned
campsites, there is not much sign of it left. After seven years, this latest version,
OpenID Connect 1.0, is poised to put down roots. Both the user experience and the
security have been vetted by technologists at the web’s leading consumer identity
providers. In fact, OpenID Connect borrows aspects of the user experience from Face
book Connect while also defining several other related standards to make the solution
more comprehensive.
How to Prepare
If your organization provides users with an email account, you will probably want to
launch (1) an IDP saml Provider (“OP”) where people at your organizations can
authenticate and (2) launch an OpenID Connect discovery service, so Internet web sites
can “validate” your users. If you are a web site, you should consider adding support for
OpenID Connect 1.0 into your release roadmap. The good news for web sites is that
OpenID Connect is relatively lightweight; uses JSON, REST and all that stuff; and there
are client libraries out there in Java, Python and other popular programming platforms.
3. Organizations have a number of options to support OpenID Connect: using open source
software, buying commercial software and using cloud service providers. I am proud to
announce this week the launch of a new Gluu Cloud Identity Server, which leverages the
Open Stack Compute API to just-in-time provision Rack space Cloud Servers. With
OpenID Connect, the availability of an organization’s authentication and authorization
service becomes increasingly critical. The design of Gluu’s service around Open Stack
enables us to leverage Rack space’s network to launch a highly robust organizational
identity service. Gluu also makes its OpenID Connect software available for free as part of
the OX project. But whatever your OpenID Connect deployment strategy, I think one thing
is for sure: the tide of Internet identity is changing, and those businesses that position
themselves correctly will be in a position to be lifted by it.
Article resource:-http://thegluu.weebly.com/blog/the-future-of-cloud-identity