Understanding Windows CardSpace: An Introduction to the Concepts and Challenges of Digital Identities
Book Details
Description
Windows CardSpace empowers organizations to prevent identity theft and systematically address a broad spectrum of security and privacy challenges. Understanding Windows CardSpaceis the first insider’s guide to Windows CardSpace and the broader topic of identity management for technical and business professionals. Drawing on the authors’ unparalleled experience earned by working with the CardSpace product team and by implementing state-of-the-art CardSpace-based systems at leading enterprises, it offers unprecedented insight into the realities of identity management: from planning and design through deployment.
Part I introduces the fundamental concepts of user-centered identity management, explains the context in which Windows CardSpace operates, and reviews the problems CardSpace aims to solve. Next, the authors walk through CardSpace from a technical standpoint, describing its technologies, elements, artifacts, operations and development practices, and usage scenarios. Finally, they carefully review the design and business considerations associated with architecting solutions based on CardSpace or any other user-centered identity management
system. Coverage includes
- The limitations of current approaches to authentication and identity management
- Detailed information on advanced Web services
- The Identity Metasystem, the laws of identity, and the ideal authentication system
- Windows CardSpace: What it is, how it works, and how developers and managers can use it in their organizations
- CardSpace technology: user experience, Information Cards, private desktops, and integration with .NET 3.5 and Windows Vista
- CardSpace implementation: from HTML integration through federation, Web services integration, and beyond
- Adding personal card support to a website: a detailed, scenario-based explanation
- Choosing or becoming an identity provider: opportunities, business impacts, operational issues, and pitfalls to avoid
- Using CardSpace to leverage trust relationships and overcome phishing
Whether you’re a developer, security specialist, or business decision-maker, this book will answer your most crucial questions about identity management, so you can protect everything that matters: your people, your assets, your partners, and your customers.
Â
Foreword xv
Preface xviii
Part I Setting the Context
Chapter 1: The Problem 3
 The Advent of Profitable Digital Crime 4
 Passwords: Ascent and Decline 29
 The Babel of Cryptography 36
 The Babel of Web User Interfaces 79
 Summary 84
Chapter 2: Hints Toward a Solution 87
 A World Without a Center 89
 The Seven Laws of Identity 92
 The Identity Metasystem 110
 Trust 115
 WS-* Web Services Specifications: The Reification of the Identity Metasystem 136
 Presenting Windows CardSpace 161
 Summary 164
Part II THE TECHNOLOGY
Chapter 3: Windows CardSpace 169
 CardSpace Walkthroughs 169
 Is CardSpace Just for Websites? 175
 System Requirements 176
 What CardSpace Provides 177
 A Deeper Look at Information Cards 184
 Features of the CardSpace UI 204
  Common CardSpace Management Tasks 210
 User Experience Changes in .NET Framework 3.5 218
 Summary 221
Chapter 4: CardSpace Implementation 223
 Using CardSpace in the Browser 224
 Federation with CardSpace 248
 CardSpace and Windows Communication Foundation 252
 CardSpace Without Web Services 262
 Summary 268
Chapter 5: Guidance for a Relying Party 269
 Deciding to Be a Relying Party 270
 Putting CardSpace to Work 274
 Privacy and Liability 299
 Summary 302
Part III PRACTICAL CONSIDERATIONS
Chapter 6: Identity Consumers 305
 Common Misconceptions about Becoming an Identity Provider 306
 Criteria for Selecting an Identity Provider 309
 Relying on an IP 315
 Migration Issues 320
 Summary 321
Chapter 7: Identity Providers 323
 Uncovering the Rationale for Becoming an Identity Provider 324
 What Does an Identity Provider Have to Offer? 334
 Walking a Mile in the User’s Shoes 338
 An Organization’s Identity 341
 Summary 342
Index 343
