identity in the browser 2011
play

Identity in the Browser 2011 Michael Hanson, Dan Mills, Ben Adida - PowerPoint PPT Presentation

Mar 07, 2024 •373 likes •483 views

Identity in the Browser 2011 Michael Hanson, Dan Mills, Ben Adida A quick history - current and proposed browser identity features Password store & sync Account Manager authentication and session metaprotocol Contacts API

  1. Identity in the Browser 2011 Michael Hanson, Dan Mills, Ben Adida

  2. A quick history - current and proposed browser identity features • Password store & sync • “Account Manager” authentication and session metaprotocol • Contacts API prototype • OpenID sniffer / ID presentation widget

  3. 2010: Account Manager • Metaprotocol for site advertisement of authentication capabilities and session state • Profiles for HTTP Basic, HTTP Form • Very difficult to handle federated cases: huge number of error paths, no clear user model, hard to get agreement across browsers

  4. subgoal: Man a ging Session State • DOM-level announcement of session(s) with identifiers, termination URL or JS callback, optional cookie “trigger” • e.g. navigator.id.sessions = [ { id: “username@email.com”, end: “http://site.com/logout” } ]

  5. Step back: Minimal distributed identity system • Distributed means hostnames. Identifier at hostname? • Current RP systems are all based on email addresses: user-memorable, convenient, recognizable. (but: spammable, correlatable) • RPs treat control of email address as stronger than username/password. • Directed pseudonymity (anonymous remail) is a well-understood property of email. • Discovery of attributes is well understood - stable identifiers help.

  6. a proposal: Verified Email Assertions • navigator.id.getVerifiedEmail( <callback>, challenge) • window.onVerifiedEmail( function(assertion) {...}) native gives a nice UI and stronger security but we’ve got a pure JS, streamed-in API working

  7. Identity provider’s half: • navigator.id.registerVerifiedEmail(id, <pubkey-callback>) • navigator.id.certifyVerifiedEmail(id, <cert>) • public key advertisement/discovery much to discuss: • automated pseudonym provisioning • limitations on register: session-only, non-persist, encrypted only • limitations of key and certificate: long-lived key, short-lived cert? • automatic cert refresh - but with what credential?

  10. • Machines are multiuser • Users are multipersona • Core questions: • From site to user, “who are you”, and “how do I talk to you?” • From user to site, “I am <facet of me>”, and “You may know this about me”

Recommend

The Nexus of Identity IBM's submission for the W3C Identity in the Browser Workshop by

The Nexus of Identity IBM's submission for the W3C Identity in the Browser Workshop by

The Nexus of Identity IBM's submission for the W3C Identity in the Browser Workshop by Maryann Hondo, Mary Ellen Zurko, Matthew Flaherty, Paula K. Austel, Sridhar Muppidi Net - net of the paper Our customers expect us to give them the

558 views • 9 slides
Identity in the browser at 5. Lessons learned. Paul Trevithick paul@azigo.com

Identity in the browser at 5. Lessons learned. Paul Trevithick paul@azigo.com

Identity in the browser at 5. Lessons learned. Paul Trevithick paul@azigo.com informationcard.net higgins-project.org Tuesday, May 24, 2011 Infocard in 60 seconds flat Tuesday, May 24, 2011 Click: Card picker window appears Tuesday, May 24,

349 views • 11 slides
NSTIC, Privacy and Social Login Presentation at the W3C Workshop on Identity in the Browser

NSTIC, Privacy and Social Login Presentation at the W3C Workshop on Identity in the Browser

NSTIC, Privacy and Social Login Presentation at the W3C Workshop on Identity in the Browser Francisco Corella and Karen P. Lewison Pomcor 1 05/03/2011 Pomcor Getting Rid of Passwords n is one long term goal of NSTIC n But it may

255 views • 7 slides
Identity in the Browser -or- Putting the Cart Before the Horse? Andy Steingruebl and Jeff

Identity in the Browser -or- Putting the Cart Before the Horse? Andy Steingruebl and Jeff

Identity in the Browser -or- Putting the Cart Before the Horse? Andy Steingruebl and Jeff Hodges {asteingruebl,jeff.hodges}@paypal.com PayPal Information Risk Management Position Paper for W3C Workshop on Identity in the Browser May 24

413 views • 9 slides
Mobile Provided Identity Authentication on the Web tle pt by Jonas Hgberg, Ericsson for W3C

Mobile Provided Identity Authentication on the Web tle pt by Jonas Hgberg, Ericsson for W3C

Mobile Provided Identity Authentication on the Web tle pt by Jonas Hgberg, Ericsson for W3C s WS on Identity in the Browser tle pt 24-5th May 11 Mountain View, CA, USA Mobile Provided Identity Authentication itle on the Web pt

298 views • 13 slides
Identity Theft Identity Theft Identity theft occurs when your personal information is stolen

Identity Theft Identity Theft Identity theft occurs when your personal information is stolen

Identity Theft Identity Theft Identity theft occurs when your personal information is stolen and used without your knowledge to commit fraud or other crimes Identity theft can cost you time and money. Tips for Preventing Identity Theft

322 views • 10 slides
Authentication and Identity Systems Brad Hill Me iSEC Partners: 2005 Mid-April 2011

Authentication and Identity Systems Brad Hill Me iSEC Partners: 2005 Mid-April 2011

Common Flaws of Distributed Authentication and Identity Systems Brad Hill Me iSEC Partners: 2005 Mid-April 2011 PayPal ISG: Mid-May 2011 - ??? Reminder: This workshops RFP close: Early April 2011 My position paper does not

343 views • 11 slides
Identity and Access Management Using Identity Management and Identity Governance to increase

Identity and Access Management Using Identity Management and Identity Governance to increase

Identity and Access Management Using Identity Management and Identity Governance to increase Automation and Security. Identity Management (IAM, IdM) defining and managing the roles and access privileges of individual network users, and the

2.89k views • 13 slides
IDENTITY What is the Relationship Between Identity and the College Experience? What Role

IDENTITY What is the Relationship Between Identity and the College Experience? What Role

2/15/2019 Jordan Truex Agenda or Summary Layout The Road to SelfAuthorship NonTraditional Students Effective Interview Strategies Meeting the Student Where They Are IDENTITY What is the Relationship Between Identity and the

367 views • 10 slides
2007 Self morphing viruses 2009 - The Zeus virus Man in the browser attacks no

2007 Self morphing viruses 2009 - The Zeus virus Man in the browser attacks no

2007 Self morphing viruses 2009 - The Zeus virus Man in the browser attacks no browser is safe 2011 300% increase in cyber attacks Who they are Why they do it Who are the targets Our filter processes 3 billion

407 views • 17 slides
Smart Cards Carrying certificates around How do you use your [digital] identity? Install your

Smart Cards Carrying certificates around How do you use your [digital] identity? Install your

4/25/08 Smart Cards Carrying certificates around How do you use your [digital] identity? Install your certificate in browser On-computer keychain file Need there be more? 1 4/25/08 Smart cards Smart card Portable device

316 views • 4 slides
What is Identity Theft? &quot;Someone obtaining your personal identifying information without

What is Identity Theft? &quot;Someone obtaining your personal identifying information without

Identity Fraud: Protecting Your Identity Between Work and Play Ryan Sothan, Outreach Coordinator Nebraska Department of Justice, Office of the Attorney General Consumer Protection and Anti-Trust Division What is Identity Theft?

314 views • 18 slides
Finally Curing The Identity Crisis? (ID-Mapping Re-Re-Re-Visited) sambaXP 2011 Michael Adam

Finally Curing The Identity Crisis? (ID-Mapping Re-Re-Re-Visited) sambaXP 2011 Michael Adam

Finally Curing The Identity Crisis? (ID-Mapping Re-Re-Re-Visited) sambaXP 2011 Michael Adam obnox@samba.org Samba Team / SerNet 2011-05-10 Mini History of ID Mapping in Samba3 up to 3.0.24 simple single configuration idmap backend

623 views • 51 slides
A Secure Architecture for Untrusted Web Browser Plugins Achim Weimert SECT/TU-Berlin March 18,

A Secure Architecture for Untrusted Web Browser Plugins Achim Weimert SECT/TU-Berlin March 18,

A Secure Architecture for Untrusted Web Browser Plugins Achim Weimert SECT/TU-Berlin March 18, 2011 Achim Weimert (SECT/TU-Berlin) Web Browser Plugin Architecture March 18, 2011 1 / 21 Outline Introduction 1 Design 2 3 Implementation

424 views • 24 slides
Browser and Network request Browser website CS 4803 reply Network OS Computer and Network

Browser and Network request Browser website CS 4803 reply Network OS Computer and Network

Browser and Network request Browser website CS 4803 reply Network OS Computer and Network Security Hardware Alexandra (Sasha) Boldyreva Browser sends requests May reveal private information (in forms, cookies) Web security.

517 views • 7 slides
RequireJS Javascript Modules for the Browser By Ben Keith Quoin, Inc. Traditional Browser JS

RequireJS Javascript Modules for the Browser By Ben Keith Quoin, Inc. Traditional Browser JS

RequireJS Javascript Modules for the Browser By Ben Keith Quoin, Inc. Traditional Browser JS One global namespace Often inline JS code embedded directly in HTML Many &lt;script&gt; tags with hidden ordering dependencies Very

362 views • 15 slides
my Identity TM 2 my Identity Learning objectives In this overview, you will learn about:

my Identity TM 2 my Identity Learning objectives In this overview, you will learn about:

my Identity TM 2 my Identity Learning objectives In this overview, you will learn about: The four components of my Identity TM How the product can benefit customers in real-world scenarios The benefits of the product for brokers 3

530 views • 19 slides
Adopting the global Marketing Lead Domains.coop co-operative identity www.identity.coop 24

Adopting the global Marketing Lead Domains.coop co-operative identity www.identity.coop 24

People stronger together Nicola Huckerby Adopting the global Marketing Lead Domains.coop co-operative identity www.identity.coop 24 April 2015 Co-operative identity Visual identity Online identity www.domains.coop @domainsdotcoop

944 views • 58 slides
Requirements for Secure Device Authentication Iden&amp;ty in the browser

Requirements for Secure Device Authentication Iden&amp;ty in the browser

Requirements for Secure Device Authentication Iden&amp;ty in the browser workshop, 24-25 May 2011, Mountain View Mark Watson, Mitch Zollinger, Wesley Miaw 1

327 views • 9 slides
Browser Support for the Open Authoriza4on (OAuth) Protocol

Browser Support for the Open Authoriza4on (OAuth) Protocol

Browser Support for the Open Authoriza4on (OAuth) Protocol hGp://www.w3.org/2011/iden4ty-ws/papers/idbrowser2011_submission_32.pdf Hannes Tschofenig, Barry Leiba, Blaine Cook,

434 views • 8 slides
Circumventing Internet censorship with Tor Philipp Winter The Tor Project What Tor Browser does

Circumventing Internet censorship with Tor Philipp Winter The Tor Project What Tor Browser does

Circumventing Internet censorship with Tor Philipp Winter The Tor Project What Tor Browser does Standard Tor is easy to block GetTor helps you get Tor Browser GetTor helps you get Tor Browser Tor Browser ships with default

567 views • 24 slides
OAuth 2.0 for Browser Based Apps OAuth Security Workshop 2019 David Waite, Principal Technical

OAuth 2.0 for Browser Based Apps OAuth Security Workshop 2019 David Waite, Principal Technical

OAuth 2.0 for Browser Based Apps OAuth Security Workshop 2019 David Waite, Principal Technical Architect, Ping Identity Purpose Best Current Practices Document Builds mostly on RFC 8252 - OAuth 2.0 for Native Apps I-D

386 views • 10 slides
Key Escrow free Identity-based Identity-based Cryptosystem Cryptosystem Identity-based

Key Escrow free Identity-based Identity-based Cryptosystem Cryptosystem Identity-based

Contents Background Key Escrow free Identity-based Identity-based Cryptosystem Cryptosystem Identity-based Signature Conclusion Manik Lal Das DA-IICT, Gandhinagar, India About DA-IICT and Our Group DA-IICT is a private university,

563 views • 35 slides
So Some facts About 43% of all reported identity thefts in the U.S. in 2013 were

So Some facts About 43% of all reported identity thefts in the U.S. in 2013 were

So Some facts About 43% of all reported identity thefts in the U.S. in 2013 were medical-related, according to a study released last month by Identity Theft Resource Center (ITRC). 1 in 3 people report a problem after their identity is

827 views • 26 slides

More recommend