
Identity Management – Part 1 – The Basics


In this series of posts I am going to document what I have learnt about identity management and related topics. This post answers the questions “What is identity?”, “What is authentication?” and “What is single sign-on?”

Identity is defined as a handle by which you identify someone. For example, your name is your identity; your photo can be your identity. In the olden days, to get access to a place or to verify your identity, there used to be a secret code word shared between the two parties, and the other party would confirm who you were by verifying that you knew the code word. Later, ID cards were introduced to prove identity; a card generally carries your name and photo and is vouched for by someone. So, to verify your identity, you are challenged to show your ID proof, which is signed by an issuing authority. This process of challenging you and verifying your ID is known as authentication.

In the virtual world, it is more or less the same. You need to have an identity in the online world, and when services were not interconnected, every service provider had its own identity management system. This resulted in you having multiple identities. Your Yahoo user name is an identity of yours. Your MSN Passport is an identity of yours. Your Google user name is an identity of yours. Each of these systems created a separate identity for you and shared a previously agreed secret with you, just like in the old days. So, to use a service, you have to tell the service provider your identity and also the secret you shared earlier, so that it can verify you. There are various ways in which user IDs and passwords are stored; these will be discussed in future posts. This system of sharing a secret and having an ID with every service provider led to a lot of confusion, as people had to remember their user names in every system.

So, there came the principle of single sign-on (SSO). Single sign-on is a process by which you use a single identity across various services by entering your user ID and password only once. So, when you log into Gmail, you are signed into your Google account and can use the same account to access other services provided by Google. But SSO didn’t solve all the problems. You cannot log into Yahoo Mail using your Google account. Identity management systems emerged to address these kinds of problems on the web and at the enterprise level. In the next part, I will explain the OpenID protocol, how it addresses the SSO problem across various providers and how it helps you with one single identity.
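The single sign-on flow described above, as an added example that is not part of the original post: the user proves a shared secret once to an identity provider (IdP), which issues a signed token playing the role of the ID card, and each service checks the signature instead of asking for the password. The names `idp.example`, `login`, `service_accepts` and the sample user are assumptions, and an HMAC key stands in for the public-key signature a real deployment would use.

```python
import base64, hashlib, hmac, json, os, time

# Constructed sample data: one identity provider (IdP) and one registered user.
IDP_KEY = os.urandom(32)   # assumption: HMAC key stands in for the IdP's signing key
ISSUER = "idp.example"     # hypothetical issuer name

def _hash(password, salt):
    # The shared secret is stored as a salted, slow hash, never in clear text.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

_salt = os.urandom(16)
USERS = {"alice": (_salt, _hash("correct horse", _salt))}

def _sign(body):
    return hmac.new(IDP_KEY, body, hashlib.sha256).hexdigest().encode()

def login(user, password, now=None):
    """Authenticate once at the IdP; return a signed token (the 'ID card') or None."""
    salt, stored = USERS.get(user, (b"\0" * 16, b""))
    if not hmac.compare_digest(_hash(password, salt), stored):
        return None
    claims = {"sub": user, "iss": ISSUER, "exp": int(now or time.time()) + 300}
    body = base64.urlsafe_b64encode(json.dumps(claims).encode())
    return (body + b"." + _sign(body)).decode()

def service_accepts(token, now=None):
    """A service checks the issuer's signature and expiry; it never sees the password."""
    try:
        body, sig = token.encode().split(b".")
        if not hmac.compare_digest(sig, _sign(body)):
            return None
        claims = json.loads(base64.urlsafe_b64decode(body))
    except (ValueError, AttributeError):
        return None
    if claims.get("iss") != ISSUER or claims.get("exp", 0) < (now or time.time()):
        return None
    return claims["sub"]

if __name__ == "__main__":
    token = login("alice", "correct horse")        # password entered once
    for service in ("mail", "calendar"):           # two services, same token
        print(service, "->", service_accepts(token))
    forged = base64.urlsafe_b64encode(b'{"sub": "mallory"}').decode() + "." + token.split(".")[1]
    print("forged ->", service_accepts(forged))    # None: signature does not match
```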

Summary

What is Identity?

Identity is a handle or property by which you identify someone. In the real world, your name is an identity that is used to identify you. Similarly, in the online world you have an ID, and your Google / Yahoo / MSN IDs are examples of your identity.

What is Authentication?

Authentication is a process by which your identity is verified and confirmed. It could involve a shared secret or flashing an ID card signed by an issuing authority.

What is Single Sign On (SSO)?

Single sign-on is a concept that allows you to access various systems by authenticating only once.

  • Hey this is really nice article.. keep it up awesome..
  • rvramesh
    Thanks mark.