|
|
Browse by Tags
All Tags » Windows Cardspace (RSS)
-
Almost a year has passed since TechEd EMEA; I remember giving a chalk talk on STSes and claims based identity in general, and a guy from the audience who was asking especially elaborate questions... it was clear that he was hands on and had a lot of experience in developing for CardSpace. I later learned that he was Peter, from Fun Communications , and had a great project brewing: a loyalty card system, one of the most fitting scenarios for information cards. During the last year they talked in various occasions about the topic: at last CeBit and at the European Identity Conference come to mind. This morning (blessed time zone differences) I found in my inbox a nice surprise: Fun just released to the web their loyalty card project ! From the press release : Portal for issuing virtual loyalty cards opened fun communications presents the virtual loyalty card for the Internet. Now available at www.webcard-loyalty.com - long-term customer loyalty with virtual loyalty and bonus cards. Karlsruhe, September 9, 2008 Following successful completion of the beta phase, fun communications GmbH today Tuesday opens its new portal for creating, issuing and administering virtual loyalty cards. Dealers and portal operators can generate their very own virtual loyalty and bonus cards in just three steps at www.webcard-loyalty.com. Beginning with the design and contents of the cards, over the definition of limited time voucher and discount campaigns, through to the issue of the virtual loyalty cards Read More...
|
-
Greetings from the far New Zealand :-) this is a great place, I wish I'd have more time to look around. I compensated by spending a stupid amount of money in souvenirs (all bought in about 20 mins, so without much judgement (if ever)). Yesterday I had my session on Cloud & Identity, and in few mins I'll have the one about Zermatt. While I wait to get to the podium, I'm typing this quick post to point you to a brief video interview I had with the excellent Mark Carroll: you can find it on the TechEd Live pages. Boy, I sure gesticulate a lot :-) you know how the old saying goes: if you want to reduce an Italian to silence, just tie his hands! (BTW: happy Labor Day for ev'body in the US) Read More...
|
-
Mark Russinovich had a nice chat with David; check it out here . I really appreciate the practice of annotating the video with the times at which certain topics are touched, that allows me to thumb through things like I'm used to do with text: HUGE time saver! Ryan was to kind to suggest me to check out the view of the bookshelf on frame at 40.6s, shown below: if you look on the right, between "Windows with C/C++" and the old-style MSDN Universal container, you'll spot a certain well known title :-) Read More...
|
-
Relying Parties often identify subjects using the Private Personal Identifier (PPID) claim and Signing Key values sent by an Information Card. Thus, it is important that the PPID and Signing Key values produced by a card be stable and long-lived.
Unfortunately, the PPIDs and Signing Keys generated by self-issued (a.k.a. personal) Information Cards using the [...] Read More...
|
-
IBM and Microsoft just published the specification “Application Note: Web Services Addressing Endpoint References and Identity” at http://schemas.xmlsoap.org/ws/2006/02/addressingidentity/. This specification is referenced by the Identity Selector Interoperability Profile (ISIP) and is covered by Microsoft’s Open Specification Promise (OSP). This completes the publication and licensing under the OSP of all specifications that Information Cards [...] Read More...
|
-
I am sure you are all more than familiar with DreamSpark , the amazing (YES, amazing. Bravo Milo!) offer through which Microsoft gives access to developer & designer tools at no charge. That requires, naturally, to be able to prove that you are indeed a student. Eduserv is a not-for-profit UK-based organization that focuses on IT solutions for the education sector: their identity management solutions are used by over 4 millions of students from universities in UK & other countries. And here comes the interesting bit: Eduserv wrote an identity management component for DreamSpark integrated with their OpenAthens SP , and based on WCF & CardSpace :-) you can read about this on a recently published case study (word document here ). With all the identity talent that runs abundant in the Microsoft offices in UK (Paul MacKinnon & Planky, congrats!) it is not really a surprise to see that they are ahead of the curve, but it is most definitely a pleasure :-) congratulations to all the people involved! Read More...
|
-
The latest issue of the Architecture Journal is available for download here (I am breaking the news even before the rest of the pages are updated from issue 15 to issue16: see how much I care about you?;-)). What makes this especially interesting is that issue 16 is entirely dedicated to identity! I have to admit that I've yet to read most of the articles, but I've definitely went through 2 of them: One is an interview/profile with Kim Cameron. It's a nice read, and I am sure you'll enjoy to know more about Kim The other is an article from yours truly, titled "Claims and Identity, On-Premise and Cloud Solutions". It expands on this post , and rolls in various others Writing for the Architecture Journal is a big honor, as you can see from the list of high profile former contributors, and I am very grateful to Diego for having my article in this issue. Thanks man! And thanks also to Gianpaolo , with whom I had many deep discussions that helped me to keep the abstraction tangents to what i hope is an acceptable level :-) As usual, if you have feedback feel free to send it my way Read More...
|
-
With few weeks of delay I finally forced in my schedule the conclusion of my little getting started series "... using Zermatt" (links to former episodes: setting up an STS for smartcard-backed managed cards & issuing smartcard-backed managed cards ). The first posts I wrote about Zermatt were all about producing identity info: today we'll take a look at consuming those info, something that will be done a lot more (there are only few mints, but an ocean of ways to spend the money they produce) and, fortunately, is also a dramatically simpler programming task. Before we go any further: Please. Read. Keith's. White paper . This series of posts is a quick & dirty guide, designed to get you started and to be easily found via search engines when you need a quick lookup: Keith's article is exhaustive & well polished, hence (together with the product documentation) should be your main reference. I am Vittorio Bertocci and I approve of this message (if you don't live in the US, nevermind :-)). Aaaaalllrighty, back to business. Thanks to the 2 former posts, we have an active STS and its associated managed card. Now we want to write a website which uses that STS for acquiring some info about our users in form of claims. Here the highest order bit is not the security paraphernalia we need to be familiar with when we work at the STS level: when designing an RP, the application biz requirements should be king. Taking that in mind, let's wear our web site dev hat and work backward Read More...
|
-
I am pleased to announce the publication of the Identity Selector Interoperability Profile V1.5 and companion guides. The ISIP (as it’s come to be called) documents the protocols and data formats used by Windows CardSpace so as to enable others to build compatible Information Card software.
Version 1.0 of these documents corresponded to the.NET Framework [...] Read More...
|
-
I was dividing my attention between the Scrubs special on TV & Digg on my PC, when an article titled " Experts: Passwords May Not Be a Good Online Defense " caught my eye: well, couldn't agree more!:-) It turns out that the article is from the NY Times, and it's short & sweet hence there's no need for me to summarize it here: Mr. Stross manages to capture the problem pretty effectively, also thanks to some nice quotes from Kim . P.S.: I know, I know. I still owe you an RP post for completing the Zermatt intro series started with the STS and card issuance . Keep the faith, it's coming! ;-) Read More...
|
-
Well, it's almost one month since I wrote the last " useful " posts : you would not believe how incredibly busy I am on stuff I can't talk about just yet (but soon, very soon). In this quick update I am excited to report that I am going to speak at TechEd New Zealand & TechEd Australia ! As strange as it may sound, the 114 flights I've boarded since I moved to Corp (October 2005) never took me under the equatorial line; furthermore, it's since first grade that I'm told how cool it is that New Zealand is at the exact antipodes of Italy, has roughly a boot shape as well, etc... that's the farthest place from home I can travel to without leaving the planet :-) I am going to deliver 2 sessions , both in NZ and in AU: Identity & Cloud Services (Architecture track, level 300) The shift towards cloud computing is one of the major trends in today’s IT industry. As resources and assets are increasingly hosted off-premise, traditional strategies for access control and identity management are proving incapable of handling distributed scenarios and cross-boundary communication. This presentation briefly outlines how architectures relying on claims-based identity management, security tokens and open standards can address cloud computing scenarios with the same ease with which they can handle traditional ones. The identity capabilities of Biztalk Services will be featured as a concrete example of an application of the new paradigm. “Zermatt” Developer Framework: Putting Authentication Read More...
|
-
It's since April that I don't write about the book (at the time we released the entire Chapter 2 on MSDN ). Last week I received notice that 2 new reviews were published: one is from the Denver Visual Studio User Group , the other is on Paul Van Brenk's blog . Both reviews are extremely nice, for which we are very grateful; I especially like the fact that in both cases the reviewers perceived our intention to deal with the problem from an holistic point of view, regardless of our affiliation with a technology or another. Thank you guys! (update: I've just stumbled in another review I didn't know about, on (in)secure magazine issue 17 . Niiiiice). In fact, in the last months various illustrious figures mentioned our book as well: David Chappell , Drummond Reed and Francis Shanahan wrote extremely nice reviews I never mentioned here until now, while I did mention the first entries from Kim and Mike . Add that to the podcast on Perspectives , the interview on channel9 with Carlo & Caleb, the podcast on SearchWinDevelopment , the bonus chapter on codeproject , the extremely nice reviews on the Amazon US page ... and again, mentions from Neil Hutson , Alexander Strauss , Feliciano Intini , Mario Fontana , ... I am sure I am forgetting something (for which I apologize). And now that I begun to hang out at Identity conferences, I can't tell you how pleasant it is to have complete strangers zeroing on you and telling you all sorts of nice things :-) I guess I am easily recognizable Read More...
|
-
We are back! I hope you had fun with the STS tutorial I posted yesterday night ; here we move a step further and examine how to equip our STS with managed card issuance logic & UI. As anticipated, this is going to be MUCH faster. If you recall, in the last post I asked you not to delete the Default.aspx page that the new web site template created for you: we are going to put our card issuance UI there. At thsi point the visual studio project should look as follows: The only new element I added is the information card image information-card.png, which will be used as the background of the information cards we'll issue. Of course nothing prevents you to get all fancy and allowing the user to upload an image for personalization purposes, but here we want to be quick & dirty (well, at least quick ;-)). The little image is below, for your viewing pleasure. Time to add some UI. Let's open Default.aspx inn the designer and let's drag some controls. <% @ Page Language ="C#" AutoEventWireup ="true" CodeFile ="Default.aspx.cs" Inherits ="_Default" %> <! DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> < html xmlns ="http://www.w3.org/1999/xhtml"> < head runat ="server"> < title > Untitled Page </ title > </ head > < body > < form id ="form1" runat ="server"> < div > Managed Card Generator < br /> < br /> Card name: < asp : TextBox ID ="txtCardname" Read More...
|
-
Just back from vacation. The tan barely started to fade, and here I am already playing with the new shiny toy :-). Did you experiment with Zermatt by now? As Kim mentions the samples (and the documentation) are an excellent way to start, and I am sure that blog posts & tutorials will soon start mushrooming here and there in the blogosphere: here I begin my humble contribution with my first technical post about Zermatt . I had *absolutely* no hesitations when deciding which scenario I should tackle first: an active STS which handles requests backed by smartcards . I received asks about from many segments (especially about eID management from governments and high authentication levels for finance) and pretty much from everywhere in the world (especially Europe and Asia): I am really delighted to finally have a chance to give you something about that scenario that you can compile in visual studio, as opposed to the usual whiteboard sketches :-) Before we dive into the code, let me disclaim the disclaimable: as usual, the code you see in this blog is just an example and is by no mean production ready code. My purpose here is to introduce you to new ideas, so I favor readability and clarity over completeness If you consider the definition of best practices as "A technique or methodology that, through experience and research, has proven to reliably lead to a desired result" , I think I can safely say that there are no established best practices yet. Sure, there are some fixed points Read More...
|
-
I found the samples very clear, and uncluttered with a lot of "sample decoration" Read More...
|
|
|
|