You are previewing Understanding Windows CardSpace: An Introduction to the Concepts and Challenges of Digital Identities.
O'Reilly logo
Understanding Windows CardSpace: An Introduction to the Concepts and Challenges of Digital Identities

Book Description

Windows CardSpace empowers organizations to prevent identity theft and systematically address a broad spectrum of security and privacy challenges. Understanding Windows CardSpaceis the first insider’s guide to Windows CardSpace and the broader topic of identity management for technical and business professionals. Drawing on the authors’ unparalleled experience earned by working with the CardSpace product team and by implementing state-of-the-art CardSpace-based systems at leading enterprises, it offers unprecedented insight into the realities of identity management: from planning and design through deployment.

Part I introduces the fundamental concepts of user-centered identity management, explains the context in which Windows CardSpace operates, and reviews the problems CardSpace aims to solve. Next, the authors walk through CardSpace from a technical standpoint, describing its technologies, elements, artifacts, operations and development practices, and usage scenarios. Finally, they carefully review the design and business considerations associated with architecting solutions based on CardSpace or any other user-centered identity management

system. Coverage includes

  • The limitations of current approaches to authentication and identity management

  • Detailed information on advanced Web services

  • The Identity Metasystem, the laws of identity, and the ideal authentication system

  • Windows CardSpace: What it is, how it works, and how developers and managers can use it in their organizations

  • CardSpace technology: user experience, Information Cards, private desktops, and integration with .NET 3.5 and Windows Vista

  • CardSpace implementation: from HTML integration through federation, Web services integration, and beyond

  • Adding personal card support to a website: a detailed, scenario-based explanation

  • Choosing or becoming an identity provider: opportunities, business impacts, operational issues, and pitfalls to avoid

  • Using CardSpace to leverage trust relationships and overcome phishing

  • Whether you’re a developer, security specialist, or business decision-maker, this book will answer your most crucial questions about identity management, so you can protect everything that matters: your people, your assets, your partners, and your customers.

    Foreword xv

    Preface xviii

    Part ISetting the Context

    Chapter 1: The Problem 3

      The Advent of Profitable Digital Crime 4

      Passwords: Ascent and Decline 29

      The Babel of Cryptography 36

      The Babel of Web User Interfaces 79

      Summary 84

    Chapter 2: Hints Toward a Solution 87

      A World Without a Center 89

      The Seven Laws of Identity 92

      The Identity Metasystem 110

      Trust 115

      WS-* Web Services Specifications: The Reification of the Identity Metasystem 136

      Presenting Windows CardSpace 161

      Summary 164


    Chapter 3: Windows CardSpace 169

      CardSpace Walkthroughs 169

      Is CardSpace Just for Websites? 175

      System Requirements 176

      What CardSpace Provides 177

      A Deeper Look at Information Cards 184

      Features of the CardSpace UI 204

      Common CardSpace Management Tasks 210

      User Experience Changes in .NET Framework 3.5 218

      Summary 221

    Chapter 4: CardSpace Implementation 223

      Using CardSpace in the Browser 224

      Federation with CardSpace 248

      CardSpace and Windows Communication Foundation 252

      CardSpace Without Web Services 262

      Summary 268

    Chapter 5: Guidance for a Relying Party 269

      Deciding to Be a Relying Party 270

      Putting CardSpace to Work 274

      Privacy and Liability 299

      Summary 302


    Chapter 6: Identity Consumers 305

      Common Misconceptions about Becoming an Identity Provider 306

      Criteria for Selecting an Identity Provider 309

      Relying on an IP 315

      Migration Issues 320

      Summary 321

    Chapter 7: Identity Providers 323

      Uncovering the Rationale for Becoming an Identity Provider 324

      What Does an Identity Provider Have to Offer? 334

      Walking a Mile in the User’s Shoes 338

      An Organization’s Identity 341

      Summary 342

    Index 343