HAPPY BOOKSGIVING
Use code BOOKSGIVING during checkout to save 40%-55% on books and eBooks. Shop now.
Register your product to gain access to bonus material or receive a coupon.
Windows CardSpace empowers organizations to prevent identity theft and systematically address a broad spectrum of security and privacy challenges. Understanding Windows CardSpaceis the first insider’s guide to Windows CardSpace and the broader topic of identity management for technical and business professionals. Drawing on the authors’ unparalleled experience earned by working with the CardSpace product team and by implementing state-of-the-art CardSpace-based systems at leading enterprises, it offers unprecedented insight into the realities of identity management: from planning and design through deployment.
Part I introduces the fundamental concepts of user-centered identity management, explains the context in which Windows CardSpace operates, and reviews the problems CardSpace aims to solve. Next, the authors walk through CardSpace from a technical standpoint, describing its technologies, elements, artifacts, operations and development practices, and usage scenarios. Finally, they carefully review the design and business considerations associated with architecting solutions based on CardSpace or any other user-centered identity management
system. Coverage includes
Whether you’re a developer, security specialist, or business decision-maker, this book will answer your most crucial questions about identity management, so you can protect everything that matters: your people, your assets, your partners, and your customers.
Foreword xv
Preface xviii
Part I Setting the Context
Chapter 1: The Problem 3
The Advent of Profitable Digital Crime 4
Passwords: Ascent and Decline 29
The Babel of Cryptography 36
The Babel of Web User Interfaces 79
Summary 84
Chapter 2: Hints Toward a Solution 87
A World Without a Center 89
The Seven Laws of Identity 92
The Identity Metasystem 110
Trust 115
WS-* Web Services Specifications: The Reification of the Identity Metasystem 136
Presenting Windows CardSpace 161
Summary 164
Part II THE TECHNOLOGY
Chapter 3: Windows CardSpace 169
CardSpace Walkthroughs 169
Is CardSpace Just for Websites? 175
System Requirements 176
What CardSpace Provides 177
A Deeper Look at Information Cards 184
Features of the CardSpace UI 204
Common CardSpace Management Tasks 210
User Experience Changes in .NET Framework 3.5 218
Summary 221
Chapter 4: CardSpace Implementation 223
Using CardSpace in the Browser 224
Federation with CardSpace 248
CardSpace and Windows Communication Foundation 252
CardSpace Without Web Services 262
Summary 268
Chapter 5: Guidance for a Relying Party 269
Deciding to Be a Relying Party 270
Putting CardSpace to Work 274
Privacy and Liability 299
Summary 302
Part III PRACTICAL CONSIDERATIONS
Chapter 6: Identity Consumers 305
Common Misconceptions about Becoming an Identity Provider 306
Criteria for Selecting an Identity Provider 309
Relying on an IP 315
Migration Issues 320
Summary 321
Chapter 7: Identity Providers 323
Uncovering the Rationale for Becoming an Identity Provider 324
What Does an Identity Provider Have to Offer? 334
Walking a Mile in the User’s Shoes 338
An Organization’s Identity 341
Summary 342
Index 343
Further information can be found at each of the author's blog sites. Click on the links below to open up an author's blog site in a new window:
Vittorio Bertocci's blog is at blogs.msdn.com/vbertocci
Garrett Serack's blog is at fearthecowboy.com
Caleb Baker's blog is at blogs.msdn.com/card
Understanding Windows CardSpace: Hints Toward a Solution
Foreword xv
Preface xviii
Part I Setting the Context
Chapter 1: The Problem 3
The Advent of Profitable Digital Crime 4
Passwords: Ascent and Decline 29
The Babel of Cryptography 36
The Babel of Web User Interfaces 79
Summary 84
Chapter 2: Hints Toward a Solution 87
A World Without a Center 89
The Seven Laws of Identity 92
The Identity Metasystem 110
Trust 115
WS-* Web Services Specifications: The Reification of the Identity Metasystem 136
Presenting Windows CardSpace 161
Summary 164
Part II THE TECHNOLOGY
Chapter 3: Windows CardSpace 169
CardSpace Walkthroughs 169
Is CardSpace Just for Websites? 175
System Requirements 176
What CardSpace Provides 177
A Deeper Look at Information Cards 184
Features of the CardSpace UI 204
Common CardSpace Management Tasks 210
User Experience Changes in .NET Framework 3.5 218
Summary 221
Chapter 4: CardSpace Implementation 223
Using CardSpace in the Browser 224
Federation with CardSpace 248
CardSpace and Windows Communication Foundation 252
CardSpace Without Web Services 262
Summary 268
Chapter 5: Guidance for a Relying Party 269
Deciding to Be a Relying Party 270
Putting CardSpace to Work 274
Privacy and Liability 299
Summary 302
Part III PRACTICAL CONSIDERATIONS
Chapter 6: Identity Consumers 305
Common Misconceptions about Becoming an Identity Provider 306
Criteria for Selecting an Identity Provider 309
Relying on an IP 315
Migration Issues 320
Summary 321
Chapter 7: Identity Providers 323
Uncovering the Rationale for Becoming an Identity Provider 324
What Does an Identity Provider Have to Offer? 334
Walking a Mile in the User’s Shoes 338
An Organization’s Identity 341
Summary 342
Index 343