O'Reilly logo

Understanding Windows CardSpace: An Introduction to the Concepts and Challenges of Digital Identities by Caleb Baker, Garrett Serack, Vittorio Bertocci

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

7

Identity Providers

Managed Cards, unlike Personal Cards, are created by an identity provider (IP) and given to a person. The cardholder, when visiting a site and wanting to use the card, must first authenticate himself to the IP, who creates the token with the appropriate data and passes it back to the user, who may in turn pass it to a relying party (RP). The card itself contains nothing more than the metadata of the information it represents. The card is stored on the user’s computer in an encrypted data file but can only be used to request the data from the security token service that the IP has encoded into the card.

Users expect a great deal from an IP

Rationalizing the decision to become an IP is more than just declaring to do so. An ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required