Over the past 2 months, I've been evaluating technologies to support flexible work arrangements such as working from home. I've tried MSN messaging, Yahoo IM, AOL AIM, Second Life, Wikis, Blogs, Facebook and Webex. Each one of these sites required me to establish a new user account. To be honest, I cannot remember which username and password is used with which site. OpenID is the cool technology of the week that can help solve this mess by creating "single sign on" across many vendor products.
The idea is simple - a web site serves as a trusted site for OpenID credentials. Other websites then trust this site, using it to authenticate users via simple well known internet standards ((URI, HTTP, SSL, Diffie-Hellman). By using OpenID, websites such as AOL, Technorati, Blogger, and Plaxo make it easy to signup and login, empowering users with one credential for all their instant messaging, blogging and social networking needs. The complete directory of all internet applications which support open ID is here. It's estimated that there are over 160-million OpenID users with nearly ten-thousand sites supporting OpenID logins.
There are caveats. Anyone can sign up to be a source of OpenIDs, so an unsuspecting user may sign up for credentials on an inscrutable site. Once their OpenID credentials are known, they could be used to by a hacker to break into banking or other sites not specifically OpenID enabled, since most users tend to reuse similar credentials at every site they access. There is no concept of certifying an OpenID provider or running a criminal record information check on folks who operate OpenID sites.
That being said, the OpenID, is certainly useful for those sites where security and identity pose little risk such as social networking and informational web sites. Also, OpenID could be very useful for intranets, where the provider of the OpenID is the institution itself and users then use OpenID to access applications running within the institution. In my next revision of the Harvard portal called eCommons, I will support OpenID as a means of linking together all the various domain credentials used in the Harvard environment.
In my opinion, the internet will eventually move to the concept of federated trust for authentication such as OpenID. OpenID will become even more powerful and useful when there is a credentialing mechanism to certify providers are trustworthy.
Subscribe to:
Post Comments (Atom)
5 comments:
OpenID is also worth consideration as a solution to the problem of patient identity on the Internet. The current approach to locating a medical record using Master Patient Index technology has both privacy and scalability problems when extended beyond a single enterprise with a well controlled user population.
Using OpenID, hospitals, labs and other medical services can allow patients to voluntarily specify and control the identity through which their personal medical records are accessed via the Internet. Enterprise identifiers would remain within the scope of the enterprise along with other private information. Federated trust can eliminate the need for government mandated identifiers as patients voluntarily choose the institution that will host their (medical) OpenID. By analogy to credit card federations, a consumer is free to identify herself with the credit card they choose and a merchant is free to accept or decline a credit card. The medical equivalent of a cash transaction would be one where the service is rendered anonymously and web access is restricted to a one-time password or pseudonym.
See Patient ID on the Internet for a more detailed discussion.
John, Good post! I wanted to point out that there are IdP's who offer a heightened level of security. I work for Vidoop who is first off a security software company, but second an Idp that offers top tier security over it's users IdP account at no cost. There is a lot of talk in the most recent OpenID Spec (2.0) related to authentication for higher risk access. See openid.net for some extensive details. Thanks for thinking ahead.
Hello Jon
here in the UK we are actively considering the adoption of OpenID as the basis for identity management for the National Institute for Health Research (http://www.nihr.ac.uk)
Dr Ben Toth
^^Thanks!!
徵徵徵婚前徵信徵婚姻感情徵大陸抓姦徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵外遇抓姦法律諮詢家暴徵婚前徵信尋人感情挽回大陸抓姦離婚徵徵工商徵信徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵婚前徵信外遇抓姦感情挽回尋人大陸抓姦離婚家暴徵徵工商徵信法律諮詢徵徵徵跟蹤徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵工商徵信徵徵婚前徵信感情挽回外遇抓姦法律諮詢家暴尋人大陸抓姦離婚徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵大陸抓姦徵外遇徵徵徵尋人徵徵家暴徵徵徵徵徵徵徵徵徵工商徵信法律諮詢家暴感情挽回大陸抓姦外遇婚前徵信離婚徵徵尋人徵徵徵徵徵徵徵徵徵徵徵徵工商徵信徵徵徵徵徵徵外遇抓姦法律諮詢家暴婚前徵信大陸抓姦尋人感情挽回徵徵徵徵徵徵徵徵徵徵外遇抓姦婚前徵信感情挽回尋人大陸抓姦工商徵信法律諮詢離婚家暴徵徵徵徵徵徵徵徵徵徵徵徵徵徵工商徵信外遇抓姦法律諮詢家暴婚前徵信尋人感情挽回大陸抓姦離婚徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵婚前徵信工商徵信外遇抓姦尋人離婚家暴大陸抓姦感情挽回法律諮詢徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵離婚感情挽回婚前徵信外遇抓姦家暴尋人徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵工商徵信外遇抓姦法律諮詢家暴婚前徵信尋人感情挽回">徵大陸抓姦離婚徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵婚前徵信工商徵信外遇抓姦尋人離婚家暴大陸抓姦感情挽回法律諮詢徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵徵
cheap wedding gowns,
discount bridal gowns,
China wedding dresses,
discount designer wedding dresses,
China wedding online store,
plus size wedding dresses,
cheap informal wedding dresses,
junior bridesmaid dresses,
cheap bridesmaid dresses,
maternity bridesmaid dresses,
discount flower girl gowns,
cheap prom dresses,
party dresses,
evening dresses,
mother of the bride dresses,
special occasion dresses,
cheap quinceanera dresses,
hot red wedding dresses
Post a Comment