SlideShare a Scribd company logo

From "Username and Password" to InfoCard

Download as PPT, PDF
G
goodfriday

InfoCard can bring a new level of security to authenticating users to your site. In this session, take a deep developer look at how this can be achieved. A traditional forms-based authentication implementation is converted to use InfoCard, along with explanations of the Web services, protocols, and security considerations that one needs to understand.

TechnologyBusiness
1 of 36
From Username & Password to "InfoCard" Richard Turner "InfoCard" Product Manager Microsoft Corporation Garrett Serack Program Manager Microsoft Corporation
Agenda ,[object Object],[object Object],[object Object],[object Object],[object Object]
The Imperative to Connect Suppliers & Partners Businesses Employees Friends & Family Consumers
Who Are You?
The Internet Identity Crisis ,[object Object],[object Object],[object Object],Lack of Identity Online
Phishing & Phraud ,[object Object],[object Object],Source: http://www.antiphishing.org Dec 04 Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec 05 7,197 4,630 4,367 5,242 5,259 4,564 4,280 3,326 2,854 2,870 2,625 2,560 1,707
Password Fatigue
"InfoCard" ,[object Object],[object Object],[object Object],[object Object],Easier Safer Built on WS-* Web Services Protocols
"InfoCard" cards ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Richard’s Card Woodgrove Bank
Private Desktop ,[object Object],[object Object],[object Object]
Contoso Car Rental
Participants Relying Party (website) User Identity Provider
Login with Self Issued Card Relying Party (website) User Object Tag Login
Select Self Issued Card Relying Party (website) User
Create Token from Card Relying Party (website) User
Sign, Encrypt & Send Token Relying Party (website) User
Login with Managed Card Relying Party (website) User Object Tag Identity Provider Login
Select Managed Card Relying Party (website) User Identity Provider
Request Security Token Relying Party (website) User Auth’: X509, Kerb, SIC, U/PWD … Identity Provider
Create Token from Card Relying Party (website) User Identity Provider
Sign, Encrypt & Send Token Relying Party (website) User Identity Provider
The Identity Metasystem ,[object Object],Open, inclusive, standards-based model Built upon “The Laws of Identity” "InfoCard" is a client agent within the IDMS
Building A Relying Party
Integrating with “InfoCard” ,[object Object],[object Object],[object Object],[object Object],[object Object]
1. Associate a user with a card CREATE PROCEDURE aspnet_infocard_associate (@UserId nvarchar(256), @card nvarchar (50) ) AS ... CREATE PROCEDURE aspnet_infocard_lookup (@card nvarchar (50) ) AS ...
2a. Create an association page <!-- ... --> < button onclick =&quot;javascript:return infocardlogin.submit();&quot;> Update account with your Information Card </ button > < form name =&quot;infocardlogin&quot; target =&quot;_self&quot; method =&quot;post&quot;> < object type =&quot;application/x-informationcard&quot; name =&quot;xmlToken&quot;> < param name =&quot;tokenType&quot; value =&quot;urn:oasis:names:tc:SAML:1.0:assertion&quot;> < param name =&quot;issuer“ value =&quot;http://schemas..../identity/issuer/self&quot;> < param name =&quot;requiredClaims&quot; value =&quot;http://.../claims/givenname, http://.../claims/surname, http://../claims/emailaddress, http://.../claims/privatepersonalidentifier&quot;> </ object > </ form > <!-- ... -->
2b. Create an association page public partial class Associate_aspx : System.Web.UI. Page { protected void Page_Load( object sender, EventArgs e) { // check if an xmlToken is posted string xmlToken = Request[ &quot;xmlToken&quot; ]; if (xmlToken != null ) { TokenHelper tokenHelper = new TokenHelper (xmlToken); // get the unique id string uniqueID = tokenHelper.getUniqueID(); if (uniqueID != null && uniqueID != &quot;&quot; ) { //store it with the account. MembershipUser user = Membership .GetUser(); MembershipHelper .AssociateUser( user.UserName, uniqueID ); } } } }
3a. Update the sign in page <!-- ... --> < button onclick =&quot;javascript:return infocardlogin.submit();&quot;> Sign in with your Information Card </ button > < form name =&quot;infocardlogin&quot; target =&quot;_self&quot; method =&quot;post&quot;> < object type =&quot;application/x-informationcard&quot; name =&quot;xmlToken&quot;> < param name =&quot;tokenType&quot; value =&quot;urn:oasis:names:tc:SAML:1.0:assertion&quot;> < param name =&quot;issuer“ value =&quot;http://schemas..../identity/issuer/self&quot;> < param name =&quot;requiredClaims&quot; value =&quot;http://.../claims/givenname, http://.../claims/surname, http://../claims/emailaddress, http://.../claims/privatepersonalidentifier&quot;> </ object > </ form > <!-- ... -->
3b. Update the sign in page public partial class Login_aspx : System.Web.UI. Page { protected void Page_Load( object sender, EventArgs e) { string xmlToken = Request[ &quot;xmlToken&quot; ]; TokenHelper tokenHelper = new TokenHelper (xmlToken); // Lookup the account using the uniqueId string username = MembershipHelper .GetUser( tokenHelper.getUniqueID()); if (username != null ) { MembershipUser user = Membership .GetUser(username); // give the cookie back to the browser. FormsAuthentication .SetLoginCookie(user.UserName, false ); } } }
4a. Update the registration page <!-- ... --> < button onclick =&quot;javascript:return infocardlogin.submit();&quot;> Register with your Information Card </ button > < form name =&quot;infocardlogin&quot; target =&quot;_self&quot; method =&quot;post&quot;> < object type =&quot;application/x-informationcard&quot; name =&quot;xmlToken&quot;> < param name =&quot;tokenType&quot; value =&quot;urn:oasis:names:tc:SAML:1.0:assertion&quot;> < param name =&quot;issuer“ value =&quot;http://schemas..../identity/issuer/self&quot;> < param name =&quot;requiredClaims&quot; value =&quot;http://.../claims/givenname, http://.../claims/surname, http://../claims/emailaddress, http://.../claims/privatepersonalidentifier&quot;> </ object > </ form > <!-- ... -->
4b. Update the registration page // ... string xmlToken = Request[ &quot;xmlToken&quot; ]; TokenHelper tokenHelper = new TokenHelper (xmlToken); string uniqueId = tokenHelper.getUniqueID(); string emailAddress = tokenHelper.GetClaim( “ http://schemas.../emailaddress ”); string username = tokenHelper.GetClaim( “ http://schemas.../givenname ”); if (username != null ) { MembershipUser user = CreateUser( name , emailAddress ,... ); MembershipHelper .AssociateUser( user.UserName, uniqueID ); } // ...
Summary
WinFX: .NET to the core
Getting WinFX & &quot;InfoCard&quot; ,[object Object],[object Object],[object Object],[object Object],[object Object],Q2 Q3 Q1 2006 Q2 Q4 Q1 2005 Q3 Q4 B1 CTP V1 RTM
&quot;InfoCard&quot; Summary Labs available in the MIX Sandbox! Consistent authentication for digital identities Reduces chances of being phished Adopting takes little developer effort
© 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.

Recommended

OAuth 2.0
OAuth 2.0OAuth 2.0
OAuth 2.0Mihir Shah
 
My Reading Specs - Refactoring Patterns for Gherkin Scenarios
My Reading Specs - Refactoring Patterns for Gherkin ScenariosMy Reading Specs - Refactoring Patterns for Gherkin Scenarios
My Reading Specs - Refactoring Patterns for Gherkin ScenariosJohn Ferguson Smart Limited
 
OAuth 2 Presentation
OAuth 2 PresentationOAuth 2 Presentation
OAuth 2 PresentationMohamed Ahmed Abdullah
 
Php Form
Php FormPhp Form
Php Formlotlot
 
Web I - 04 - Forms
Web I - 04 - FormsWeb I - 04 - Forms
Web I - 04 - FormsRandy Connolly
 
Auction Portal
Auction PortalAuction Portal
Auction PortalPriyatham Bollimpalli
 
Help your library be omnipresent without spending a
Help your library be omnipresent without spending aHelp your library be omnipresent without spending a
Help your library be omnipresent without spending aNina McHale
 
The Many Flavors of OAuth - Understand Everything About OAuth2
The Many Flavors of OAuth - Understand Everything About OAuth2The Many Flavors of OAuth - Understand Everything About OAuth2
The Many Flavors of OAuth - Understand Everything About OAuth2Khor SoonHin
 

Recommended

OAuth 2.0
OAuth 2.0OAuth 2.0
OAuth 2.0Mihir Shah
 
My Reading Specs - Refactoring Patterns for Gherkin Scenarios
My Reading Specs - Refactoring Patterns for Gherkin ScenariosMy Reading Specs - Refactoring Patterns for Gherkin Scenarios
My Reading Specs - Refactoring Patterns for Gherkin ScenariosJohn Ferguson Smart Limited
 
OAuth 2 Presentation
OAuth 2 PresentationOAuth 2 Presentation
OAuth 2 PresentationMohamed Ahmed Abdullah
 
Php Form
Php FormPhp Form
Php Formlotlot
 
Web I - 04 - Forms
Web I - 04 - FormsWeb I - 04 - Forms
Web I - 04 - FormsRandy Connolly
 
Auction Portal
Auction PortalAuction Portal
Auction PortalPriyatham Bollimpalli
 
Help your library be omnipresent without spending a
Help your library be omnipresent without spending aHelp your library be omnipresent without spending a
Help your library be omnipresent without spending aNina McHale
 
The Many Flavors of OAuth - Understand Everything About OAuth2
The Many Flavors of OAuth - Understand Everything About OAuth2The Many Flavors of OAuth - Understand Everything About OAuth2
The Many Flavors of OAuth - Understand Everything About OAuth2Khor SoonHin
 
Quick Referance to WML
Quick Referance to WMLQuick Referance to WML
Quick Referance to WMLNitin Saswade
 
Grddl In A Nutshell V1
Grddl In A Nutshell V1Grddl In A Nutshell V1
Grddl In A Nutshell V1Fabien Gandon
 
Building Secure Twitter Apps
Building Secure Twitter AppsBuilding Secure Twitter Apps
Building Secure Twitter AppsDamon Cortesi
 
HTML5 Web Forms
HTML5 Web FormsHTML5 Web Forms
HTML5 Web FormsEstelle Weyl
 
Getting the Most Out of OpenSocial Gadgets
Getting the Most Out of OpenSocial GadgetsGetting the Most Out of OpenSocial Gadgets
Getting the Most Out of OpenSocial GadgetsAtlassian
 
Opensocial Codelab
Opensocial CodelabOpensocial Codelab
Opensocial CodelabPieter De Schepper
 
Ajax On S2 Odp
Ajax On S2 OdpAjax On S2 Odp
Ajax On S2 Odpghessler
 
Web Security Mistakes: Trusting The Client
Web Security Mistakes: Trusting The ClientWeb Security Mistakes: Trusting The Client
Web Security Mistakes: Trusting The Clientgrutz
 
YQL talk at OHD Jakarta
YQL talk at OHD JakartaYQL talk at OHD Jakarta
YQL talk at OHD JakartaMichael Smith Jr.
 
Ajax ons2
Ajax ons2Ajax ons2
Ajax ons2Chad Davis
 
Zend Form Tutorial
Zend Form TutorialZend Form Tutorial
Zend Form TutorialMichelangelo van Dam
 
OpenSocial - GTUG Stockholm Meeting Oct 1 2009
OpenSocial - GTUG Stockholm Meeting Oct 1 2009OpenSocial - GTUG Stockholm Meeting Oct 1 2009
OpenSocial - GTUG Stockholm Meeting Oct 1 2009Jacob Gyllenstierna
 
Widgets Tools Keynote
Widgets Tools KeynoteWidgets Tools Keynote
Widgets Tools KeynoteMichael Mahemoff
 
Neil Patel - What You Need to be Measuring and How to Do It
Neil Patel - What You Need to be Measuring and How to Do ItNeil Patel - What You Need to be Measuring and How to Do It
Neil Patel - What You Need to be Measuring and How to Do ItCarsonified Team
 
Lecture3
Lecture3Lecture3
Lecture3Châu Thanh Chương
 
External Data Access with jQuery
External Data Access with jQueryExternal Data Access with jQuery
External Data Access with jQueryDoncho Minkov
 
Symfony2
Symfony2Symfony2
Symfony2mdpatrick
 
Form Validation
Form ValidationForm Validation
Form ValidationGraeme Smith
 
Krazykoder struts2 data_tags
Krazykoder struts2 data_tagsKrazykoder struts2 data_tags
Krazykoder struts2 data_tagsKrazy Koder
 
03 handling requests
03 handling requests03 handling requests
03 handling requestsdhrubo kayal
 
Narine Presentations 20051021 134052
Narine Presentations 20051021 134052Narine Presentations 20051021 134052
Narine Presentations 20051021 134052goodfriday
 
Triunemar05
Triunemar05Triunemar05
Triunemar05goodfriday
 

More Related Content

Similar to From "Username and Password" to InfoCard

Quick Referance to WML
Quick Referance to WMLQuick Referance to WML
Quick Referance to WMLNitin Saswade
 
Grddl In A Nutshell V1
Grddl In A Nutshell V1Grddl In A Nutshell V1
Grddl In A Nutshell V1Fabien Gandon
 
Building Secure Twitter Apps
Building Secure Twitter AppsBuilding Secure Twitter Apps
Building Secure Twitter AppsDamon Cortesi
 
Getting the Most Out of OpenSocial Gadgets
Getting the Most Out of OpenSocial GadgetsGetting the Most Out of OpenSocial Gadgets
Getting the Most Out of OpenSocial GadgetsAtlassian
 
Ajax On S2 Odp
Ajax On S2 OdpAjax On S2 Odp
Ajax On S2 Odpghessler
 
Web Security Mistakes: Trusting The Client
Web Security Mistakes: Trusting The ClientWeb Security Mistakes: Trusting The Client
Web Security Mistakes: Trusting The Clientgrutz
 
OpenSocial - GTUG Stockholm Meeting Oct 1 2009
OpenSocial - GTUG Stockholm Meeting Oct 1 2009OpenSocial - GTUG Stockholm Meeting Oct 1 2009
OpenSocial - GTUG Stockholm Meeting Oct 1 2009Jacob Gyllenstierna
 
Neil Patel - What You Need to be Measuring and How to Do It
Neil Patel - What You Need to be Measuring and How to Do ItNeil Patel - What You Need to be Measuring and How to Do It
Neil Patel - What You Need to be Measuring and How to Do ItCarsonified Team
 
External Data Access with jQuery
External Data Access with jQueryExternal Data Access with jQuery
External Data Access with jQueryDoncho Minkov
 
Krazykoder struts2 data_tags
Krazykoder struts2 data_tagsKrazykoder struts2 data_tags
Krazykoder struts2 data_tagsKrazy Koder
 
03 handling requests
03 handling requests03 handling requests
03 handling requestsdhrubo kayal
 

Similar to From "Username and Password" to InfoCard (20)

Quick Referance to WML
Quick Referance to WMLQuick Referance to WML
Quick Referance to WML
 
Grddl In A Nutshell V1
Grddl In A Nutshell V1Grddl In A Nutshell V1
Grddl In A Nutshell V1
 
Building Secure Twitter Apps
Building Secure Twitter AppsBuilding Secure Twitter Apps
Building Secure Twitter Apps
 
HTML5 Web Forms
HTML5 Web FormsHTML5 Web Forms
HTML5 Web Forms
 
Getting the Most Out of OpenSocial Gadgets
Getting the Most Out of OpenSocial GadgetsGetting the Most Out of OpenSocial Gadgets
Getting the Most Out of OpenSocial Gadgets
 
Opensocial Codelab
Opensocial CodelabOpensocial Codelab
Opensocial Codelab
 
Ajax On S2 Odp
Ajax On S2 OdpAjax On S2 Odp
Ajax On S2 Odp
 
Web Security Mistakes: Trusting The Client
Web Security Mistakes: Trusting The ClientWeb Security Mistakes: Trusting The Client
Web Security Mistakes: Trusting The Client
 
YQL talk at OHD Jakarta
YQL talk at OHD JakartaYQL talk at OHD Jakarta
YQL talk at OHD Jakarta
 
Ajax ons2
Ajax ons2Ajax ons2
Ajax ons2
 
Zend Form Tutorial
Zend Form TutorialZend Form Tutorial
Zend Form Tutorial
 
OpenSocial - GTUG Stockholm Meeting Oct 1 2009
OpenSocial - GTUG Stockholm Meeting Oct 1 2009OpenSocial - GTUG Stockholm Meeting Oct 1 2009
OpenSocial - GTUG Stockholm Meeting Oct 1 2009
 
Widgets Tools Keynote
Widgets Tools KeynoteWidgets Tools Keynote
Widgets Tools Keynote
 
Neil Patel - What You Need to be Measuring and How to Do It
Neil Patel - What You Need to be Measuring and How to Do ItNeil Patel - What You Need to be Measuring and How to Do It
Neil Patel - What You Need to be Measuring and How to Do It
 
Lecture3
Lecture3Lecture3
Lecture3
 
External Data Access with jQuery
External Data Access with jQueryExternal Data Access with jQuery
External Data Access with jQuery
 
Symfony2
Symfony2Symfony2
Symfony2
 
Form Validation
Form ValidationForm Validation
Form Validation
 
Krazykoder struts2 data_tags
Krazykoder struts2 data_tagsKrazykoder struts2 data_tags
Krazykoder struts2 data_tags
 
03 handling requests
03 handling requests03 handling requests
03 handling requests
 

More from goodfriday

Narine Presentations 20051021 134052
Narine Presentations 20051021 134052Narine Presentations 20051021 134052
Narine Presentations 20051021 134052goodfriday
 
09 03 22 easter
09 03 22 easter09 03 22 easter
09 03 22 eastergoodfriday
 
Holy Week Easter 2009
Holy Week Easter 2009Holy Week Easter 2009
Holy Week Easter 2009goodfriday
 
Holt Park Easter 09 Swim
Holt Park Easter 09 SwimHolt Park Easter 09 Swim
Holt Park Easter 09 Swimgoodfriday
 
Swarthmore Lentbrochure20092
Swarthmore Lentbrochure20092Swarthmore Lentbrochure20092
Swarthmore Lentbrochure20092goodfriday
 
Eastercard2009
Eastercard2009Eastercard2009
Eastercard2009goodfriday
 
Easterservices2009
Easterservices2009Easterservices2009
Easterservices2009goodfriday
 
Bulletin Current
Bulletin CurrentBulletin Current
Bulletin Currentgoodfriday
 
March 2009 Newsletter
March 2009 NewsletterMarch 2009 Newsletter
March 2009 Newslettergoodfriday
 
Lent Easter 2009
Lent Easter 2009Lent Easter 2009
Lent Easter 2009goodfriday
 
Easterpowersports09
Easterpowersports09Easterpowersports09
Easterpowersports09goodfriday
 
Easter Trading 09
Easter Trading 09Easter Trading 09
Easter Trading 09goodfriday
 
Easter Brochure 2009
Easter Brochure 2009Easter Brochure 2009
Easter Brochure 2009goodfriday
 
March April 2009 Calendar
March April 2009 CalendarMarch April 2009 Calendar
March April 2009 Calendargoodfriday
 

More from goodfriday (20)

Narine Presentations 20051021 134052
Narine Presentations 20051021 134052Narine Presentations 20051021 134052
Narine Presentations 20051021 134052
 
Triunemar05
Triunemar05Triunemar05
Triunemar05
 
09 03 22 easter
09 03 22 easter09 03 22 easter
09 03 22 easter
 
Holy Week Easter 2009
Holy Week Easter 2009Holy Week Easter 2009
Holy Week Easter 2009
 
Holt Park Easter 09 Swim
Holt Park Easter 09 SwimHolt Park Easter 09 Swim
Holt Park Easter 09 Swim
 
Easter Letter
Easter LetterEaster Letter
Easter Letter
 
April2009
April2009April2009
April2009
 
Swarthmore Lentbrochure20092
Swarthmore Lentbrochure20092Swarthmore Lentbrochure20092
Swarthmore Lentbrochure20092
 
Eastercard2009
Eastercard2009Eastercard2009
Eastercard2009
 
Easterservices2009
Easterservices2009Easterservices2009
Easterservices2009
 
Bulletin Current
Bulletin CurrentBulletin Current
Bulletin Current
 
Easter2009
Easter2009Easter2009
Easter2009
 
Bulletin
BulletinBulletin
Bulletin
 
March 2009 Newsletter
March 2009 NewsletterMarch 2009 Newsletter
March 2009 Newsletter
 
Mar 29 2009
Mar 29 2009Mar 29 2009
Mar 29 2009
 
Lent Easter 2009
Lent Easter 2009Lent Easter 2009
Lent Easter 2009
 
Easterpowersports09
Easterpowersports09Easterpowersports09
Easterpowersports09
 
Easter Trading 09
Easter Trading 09Easter Trading 09
Easter Trading 09
 
Easter Brochure 2009
Easter Brochure 2009Easter Brochure 2009
Easter Brochure 2009
 
March April 2009 Calendar
March April 2009 CalendarMarch April 2009 Calendar
March April 2009 Calendar
 

Recently uploaded

Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...panagenda
 
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo DiehlFuture Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo DiehlPeter Udo Diehl
 
Demystifying gRPC in .Net by John Staveley
Demystifying gRPC in .Net by John StaveleyDemystifying gRPC in .Net by John Staveley
Demystifying gRPC in .Net by John StaveleyJohn Staveley
 
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...FIDO Alliance
 
Google I/O Extended 2024 Warsaw
Google I/O Extended 2024 WarsawGoogle I/O Extended 2024 Warsaw
Google I/O Extended 2024 WarsawGDSC PJATK
 
IESVE for Early Stage Design and Planning
IESVE for Early Stage Design and PlanningIESVE for Early Stage Design and Planning
IESVE for Early Stage Design and PlanningIES VE
 
AI presentation and introduction - Retrieval Augmented Generation RAG 101
AI presentation and introduction - Retrieval Augmented Generation RAG 101AI presentation and introduction - Retrieval Augmented Generation RAG 101
AI presentation and introduction - Retrieval Augmented Generation RAG 101vincent683379
 
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdfLinux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdfFIDO Alliance
 
Optimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through ObservabilityOptimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through ObservabilityScyllaDB
 
Portal Kombat : extension du réseau de propagande russe
Portal Kombat : extension du réseau de propagande russePortal Kombat : extension du réseau de propagande russe
Portal Kombat : extension du réseau de propagande russe中 央社
 
Speed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in MinutesSpeed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in Minutesconfluent
 
Powerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara LaskowskaPowerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara LaskowskaCzechDreamin
 
Designing for Hardware Accessibility at Comcast
Designing for Hardware Accessibility at ComcastDesigning for Hardware Accessibility at Comcast
Designing for Hardware Accessibility at ComcastUXDXConf
 
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...FIDO Alliance
 
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...FIDO Alliance
 
TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024Stephen Perrenod
 
The Metaverse: Are We There Yet?
The Metaverse: Are We There Yet?The Metaverse: Are We There Yet?
The Metaverse: Are We There Yet?Mark Billinghurst
 
Oauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoftOauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoftshyamraj55
 
ECS 2024 Teams Premium - Pretty Secure
ECS 2024 Teams Premium - Pretty SecureECS 2024 Teams Premium - Pretty Secure
ECS 2024 Teams Premium - Pretty SecureFemke de Vroome
 
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...CzechDreamin
 

Recently uploaded (20)

Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
Easier, Faster, and More Powerful – Alles Neu macht der Mai -Wir durchleuchte...
 
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo DiehlFuture Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
 
Demystifying gRPC in .Net by John Staveley
Demystifying gRPC in .Net by John StaveleyDemystifying gRPC in .Net by John Staveley
Demystifying gRPC in .Net by John Staveley
 
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
 
Google I/O Extended 2024 Warsaw
Google I/O Extended 2024 WarsawGoogle I/O Extended 2024 Warsaw
Google I/O Extended 2024 Warsaw
 
IESVE for Early Stage Design and Planning
IESVE for Early Stage Design and PlanningIESVE for Early Stage Design and Planning
IESVE for Early Stage Design and Planning
 
AI presentation and introduction - Retrieval Augmented Generation RAG 101
AI presentation and introduction - Retrieval Augmented Generation RAG 101AI presentation and introduction - Retrieval Augmented Generation RAG 101
AI presentation and introduction - Retrieval Augmented Generation RAG 101
 
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdfLinux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
 
Optimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through ObservabilityOptimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through Observability
 
Portal Kombat : extension du réseau de propagande russe
Portal Kombat : extension du réseau de propagande russePortal Kombat : extension du réseau de propagande russe
Portal Kombat : extension du réseau de propagande russe
 
Speed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in MinutesSpeed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in Minutes
 
Powerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara LaskowskaPowerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara Laskowska
 
Designing for Hardware Accessibility at Comcast
Designing for Hardware Accessibility at ComcastDesigning for Hardware Accessibility at Comcast
Designing for Hardware Accessibility at Comcast
 
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
 
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
 
TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024TopCryptoSupers 12thReport OrionX May2024
TopCryptoSupers 12thReport OrionX May2024
 
The Metaverse: Are We There Yet?
The Metaverse: Are We There Yet?The Metaverse: Are We There Yet?
The Metaverse: Are We There Yet?
 
Oauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoftOauth 2.0 Introduction and Flows with MuleSoft
Oauth 2.0 Introduction and Flows with MuleSoft
 
ECS 2024 Teams Premium - Pretty Secure
ECS 2024 Teams Premium - Pretty SecureECS 2024 Teams Premium - Pretty Secure
ECS 2024 Teams Premium - Pretty Secure
 
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
 

From "Username and Password" to InfoCard

  • 1. From Username & Password to &quot;InfoCard&quot; Richard Turner &quot;InfoCard&quot; Product Manager Microsoft Corporation Garrett Serack Program Manager Microsoft Corporation
  • 2.
  • 3. The Imperative to Connect Suppliers & Partners Businesses Employees Friends & Family Consumers
  • 5.
  • 6.
  • 8.
  • 9.
  • 10.
  • 12. Participants Relying Party (website) User Identity Provider
  • 13. Login with Self Issued Card Relying Party (website) User Object Tag Login
  • 14. Select Self Issued Card Relying Party (website) User
  • 15. Create Token from Card Relying Party (website) User
  • 16. Sign, Encrypt & Send Token Relying Party (website) User
  • 17. Login with Managed Card Relying Party (website) User Object Tag Identity Provider Login
  • 18. Select Managed Card Relying Party (website) User Identity Provider
  • 19. Request Security Token Relying Party (website) User Auth’: X509, Kerb, SIC, U/PWD … Identity Provider
  • 20. Create Token from Card Relying Party (website) User Identity Provider
  • 21. Sign, Encrypt & Send Token Relying Party (website) User Identity Provider
  • 22.
  • 24.
  • 25. 1. Associate a user with a card CREATE PROCEDURE aspnet_infocard_associate (@UserId nvarchar(256), @card nvarchar (50) ) AS ... CREATE PROCEDURE aspnet_infocard_lookup (@card nvarchar (50) ) AS ...
  • 26. 2a. Create an association page <!-- ... --> < button onclick =&quot;javascript:return infocardlogin.submit();&quot;> Update account with your Information Card </ button > < form name =&quot;infocardlogin&quot; target =&quot;_self&quot; method =&quot;post&quot;> < object type =&quot;application/x-informationcard&quot; name =&quot;xmlToken&quot;> < param name =&quot;tokenType&quot; value =&quot;urn:oasis:names:tc:SAML:1.0:assertion&quot;> < param name =&quot;issuer“ value =&quot;http://schemas..../identity/issuer/self&quot;> < param name =&quot;requiredClaims&quot; value =&quot;http://.../claims/givenname, http://.../claims/surname, http://../claims/emailaddress, http://.../claims/privatepersonalidentifier&quot;> </ object > </ form > <!-- ... -->
  • 27. 2b. Create an association page public partial class Associate_aspx : System.Web.UI. Page { protected void Page_Load( object sender, EventArgs e) { // check if an xmlToken is posted string xmlToken = Request[ &quot;xmlToken&quot; ]; if (xmlToken != null ) { TokenHelper tokenHelper = new TokenHelper (xmlToken); // get the unique id string uniqueID = tokenHelper.getUniqueID(); if (uniqueID != null && uniqueID != &quot;&quot; ) { //store it with the account. MembershipUser user = Membership .GetUser(); MembershipHelper .AssociateUser( user.UserName, uniqueID ); } } } }
  • 28. 3a. Update the sign in page <!-- ... --> < button onclick =&quot;javascript:return infocardlogin.submit();&quot;> Sign in with your Information Card </ button > < form name =&quot;infocardlogin&quot; target =&quot;_self&quot; method =&quot;post&quot;> < object type =&quot;application/x-informationcard&quot; name =&quot;xmlToken&quot;> < param name =&quot;tokenType&quot; value =&quot;urn:oasis:names:tc:SAML:1.0:assertion&quot;> < param name =&quot;issuer“ value =&quot;http://schemas..../identity/issuer/self&quot;> < param name =&quot;requiredClaims&quot; value =&quot;http://.../claims/givenname, http://.../claims/surname, http://../claims/emailaddress, http://.../claims/privatepersonalidentifier&quot;> </ object > </ form > <!-- ... -->
  • 29. 3b. Update the sign in page public partial class Login_aspx : System.Web.UI. Page { protected void Page_Load( object sender, EventArgs e) { string xmlToken = Request[ &quot;xmlToken&quot; ]; TokenHelper tokenHelper = new TokenHelper (xmlToken); // Lookup the account using the uniqueId string username = MembershipHelper .GetUser( tokenHelper.getUniqueID()); if (username != null ) { MembershipUser user = Membership .GetUser(username); // give the cookie back to the browser. FormsAuthentication .SetLoginCookie(user.UserName, false ); } } }
  • 30. 4a. Update the registration page <!-- ... --> < button onclick =&quot;javascript:return infocardlogin.submit();&quot;> Register with your Information Card </ button > < form name =&quot;infocardlogin&quot; target =&quot;_self&quot; method =&quot;post&quot;> < object type =&quot;application/x-informationcard&quot; name =&quot;xmlToken&quot;> < param name =&quot;tokenType&quot; value =&quot;urn:oasis:names:tc:SAML:1.0:assertion&quot;> < param name =&quot;issuer“ value =&quot;http://schemas..../identity/issuer/self&quot;> < param name =&quot;requiredClaims&quot; value =&quot;http://.../claims/givenname, http://.../claims/surname, http://../claims/emailaddress, http://.../claims/privatepersonalidentifier&quot;> </ object > </ form > <!-- ... -->
  • 31. 4b. Update the registration page // ... string xmlToken = Request[ &quot;xmlToken&quot; ]; TokenHelper tokenHelper = new TokenHelper (xmlToken); string uniqueId = tokenHelper.getUniqueID(); string emailAddress = tokenHelper.GetClaim( “ http://schemas.../emailaddress ”); string username = tokenHelper.GetClaim( “ http://schemas.../givenname ”); if (username != null ) { MembershipUser user = CreateUser( name , emailAddress ,... ); MembershipHelper .AssociateUser( user.UserName, uniqueID ); } // ...
  • 33. WinFX: .NET to the core
  • 34.
  • 35. &quot;InfoCard&quot; Summary Labs available in the MIX Sandbox! Consistent authentication for digital identities Reduces chances of being phished Adopting takes little developer effort
  • 36. © 2006 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.