Understanding Windows CardSpace: An Introduction to the Concepts and Challenges of Digital Identities
  • Alternative view 1 of Understanding Windows CardSpace: An Introduction to the Concepts and Challenges of Digital Identities
  • Alternative view 2 of Understanding Windows CardSpace: An Introduction to the Concepts and Challenges of Digital Identities

Understanding Windows CardSpace: An Introduction to the Concepts and Challenges of Digital Identities

by Vittorio Bertocci, Caleb Baker, Garrett Serack
     
 

View All Available Formats & Editions

ISBN-10: 0321496841

ISBN-13: 9780321496843

Pub. Date: 01/10/2008

Publisher: Addison-Wesley

Windows CardSpace empowers organizations to prevent identity theft and systematically address a broad spectrum of security and privacy challenges. Understanding Windows CardSpace is the first insider's guide to Windows CardSpace and the broader topic of identity management for technical and business professionals. Drawing on the authors' unparalleled

Overview

Windows CardSpace empowers organizations to prevent identity theft and systematically address a broad spectrum of security and privacy challenges. Understanding Windows CardSpace is the first insider's guide to Windows CardSpace and the broader topic of identity management for technical and business professionals. Drawing on the authors' unparalleled experience earned by working with the CardSpace product team and by implementing state-of-the-art CardSpace-based systems at leading enterprises, it offers unprecedented insight into the realities of identity management: from planning and design through deployment.

Part I introduces the fundamental concepts of user-centered identity management, explains the context in which Windows CardSpace operates, and reviews the problems CardSpace aims to solve. Next, the authors walk through CardSpace from a technical standpoint, describing its technologies, elements, artifacts, operations and development practices, and usage scenarios. Finally, they carefully review the design and business considerations associated with architecting solutions based on CardSpace or any other user-centered identity management system. Coverage includes:

  • The limitations of current approaches to authentication and identity management
  • Detailed information on advanced Web services
  • The Identity Metasystem, the laws of identity, and the ideal authentication system
  • Windows CardSpace: What it is, how it works, and how developers and managers can use it in their organizations
  • CardSpace technology: user experience, Information Cards, private desktops, and integration with .NET 3.5 and Windows Vista
  • CardSpace implementation: from HTML integration through federation, Web services integration, and beyond
  • Adding personal card support to a website: a detailed, scenario-based explanation
  • Choosing or becoming an identity provider: opportunities, business impacts, operational issues, and pitfalls to avoid
  • Using CardSpace to leverage trust relationships and overcome phishing

    Whether you’re a developer, security specialist, or business decision-maker, this book will answer your most crucial questions about identity management, so you can protect everything that matters: your people, your assets, your partners, and your customers.

  • Product Details

    ISBN-13:
    9780321496843
    Publisher:
    Addison-Wesley
    Publication date:
    01/10/2008
    Series:
    Independent Technology Guides Series
    Pages:
    354
    Product dimensions:
    7.00(w) x 9.12(h) x 0.92(d)

    Table of Contents

    Foreword xv

    Preface xviii

    Part I Setting the Context

    Chapter 1: The Problem 3

    The Advent of Profitable Digital Crime 4

    Passwords: Ascent and Decline 29

    The Babel of Cryptography 36

    The Babel of Web User Interfaces 79

    Summary 84

    Chapter 2: Hints Toward a Solution 87

    A World Without a Center 89

    The Seven Laws of Identity 92

    The Identity Metasystem 110

    Trust 115

    WS-* Web Services Specifications: The Reification of the Identity Metasystem 136

    Presenting Windows CardSpace 161

    Summary 164

    Part II THE TECHNOLOGY

    Chapter 3: Windows CardSpace 169

    CardSpace Walkthroughs 169

    Is CardSpace Just for Websites? 175

    System Requirements 176

    What CardSpace Provides 177

    A Deeper Look at Information Cards 184

    Features of the CardSpace UI 204

    Common CardSpace Management Tasks 210

    User Experience Changes in .NET Framework 3.5 218

    Summary 221

    Chapter 4: CardSpace Implementation 223

    Using CardSpace in the Browser 224

    Federation with CardSpace 248

    CardSpace and Windows Communication Foundation 252

    CardSpace Without Web Services 262

    Summary 268

    Chapter 5: Guidance for a Relying Party 269

    Deciding to Be a Relying Party 270

    Putting CardSpace to Work 274

    Privacy and Liability 299

    Summary 302

    Part III PRACTICAL CONSIDERATIONS

    Chapter 6: Identity Consumers 305

    Common Misconceptions about Becoming an Identity Provider 306

    Criteria for Selecting an Identity Provider 309

    Relying on an IP 315

    Migration Issues 320

    Summary 321

    Chapter 7: Identity Providers 323

    Uncovering the Rationale for Becoming an Identity Provider 324

    What Does an Identity Provider Have to Offer? 334

    Walking a Mile in the User’s Shoes 338

    An Organization’s Identity 341

    Summary 342

    Index 343

    Customer Reviews

    Average Review:

    Write a Review

    and post it to your social network

         

    Most Helpful Customer Reviews

    See all customer reviews >