[OpenID - Eu] TR: OpenID EU participation to Identity conference in Maastricht and to Liberty SIG HR/EDU SIG

Snorri snorri at snorri.eu
Fri Oct 10 13:42:17 UTC 2008 

All,

 

>From the different mail conversations I summarize the following:

 

1.       I will be present at 22 october at the conference

2.       I will give a presentation during the morning workshop: Building Trustworthy Architectures Workshop. Topics to adres are:

a.       User Centric Authentication Service (Pro’s and Cons)

b.      Different alternatives within market (OpenID, SAML, CardSpace)

c.       How we are realizing a trustworthy service using A-select.

3.       I will be present during the afternoon session focusing on:

a.       User centric authentication vs machine to machine authentication

b.      Attribute sharing and the need for a persistent unique identifier

 

For each presentation I will take about 20 minutes.

 

Please let me know if this is a correct interpretation

 

Please let me know so I can prepair on this.

 

(Just jumping in)

The slot I have open can accommodate an A-Select talk, especially if it can be bent slightly towards using open extensions and not just the user ID provider function. I am well aware that most organisations see A-Select as a single sign-on feature only, but you are totally right that it can be much more than that. In TAS3, A-Select is one of the potential identity providers.

If there would be any possibility to link it to activities in the Liberty Alliance, that would be a certain plus.


Jeroen

2008/10/6 Kick Willemse <K.Willemse at diginotar.nl>

Within our authentication service platform PASS we make use of http://a-select.surfnet.nl/

Within this authentication platform there is SAML support, but we still use the dedicated aselect protocol.

Within this protocol there are several options to provide additional attributes. At the moment most of our customers are only interested in getting one attribute (The unique identifier as how the user is authenticated within their system)

So this is how it works:

1. Accountant portal makes it possible for their customers to login securely using our authentication service
2. The customers clicks on login and is redirected to our pass service
3. The customer authenticates within our service using password, SMS, OTP or PKI
4. Our service returns an authenticated OK or Not OK to the account portal and also some additional attributes, like the unique customernumber
5. The account portal uses the additional attributes to welcome the user (Username) and uses the unique customernumber to map to his authorization DB.


I could show this process including the way how the customer gets registered for our service.


Kick


-- 
dr. ir. Jeroen Hoppenbrouwers

Synergetics NV/SA
Katwilgweg 2 | 2050 Antwerp | Belgium
T(+32)3/210.30.88 | F(+32)3/210.30.86 | M .nl (+31)610089272
M .be (+32)487924895 | VAT BE 0455.690.261
www.synergetics.be | jeroen at synergetics.be
---------------------------------------------
Disclaimer: This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. Please note that any views or opinions presented in this email are solely those of the author and do not necessarily represent those of the company. The integrity and security of this message cannot be guaranteed without special precautions. GnuPG public key http://www.hoppie.nl/pki/f48b3320.asc

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-eu/attachments/20081010/d0fb34db/attachment-0001.htm>

More information about the eu mailing list