The Internet's security problems could be corrected by exploiting existing standards and protocols for Web services, security, identity, and authentication, writes Roger A. Grimes. Such protocols include Web Services specifications and extensions, Security Assertion Markup Language, Simple Object Access Protocol, WS-Security, WS-Federation, WS-Trust, OpenID, and Security Token Service. "Essentially all these open standard protocols and specifications will allow huge, interconnected identity and authentication systems to be created between multiple, disparate parties," Grimes writes. "In relation to cloud services, these standards are often the way you will connect to them." In other words, "the specifications . . . allow the identity and authentication services necessary to connect to cloud services to be 'clouded' themselves," he says. Users will be able to receive one or more security tokens from one or more authentication providers and employ them as they desire. Each token can carry one or more claims, where a claim is any characteristic or piece of information associated with a specific identity. Grimes says these new specs and standards will facilitate the construction of massive identity metasystems in which large circles of trust can be organized through the linkage of many disparate identity/authentication systems. This would eliminate the boundaries created by every commercial Internet service's own isolated authentication system, he concludes.