Open Id
Open ID and Web Security
INFORMATION SYSTEMS AND OPERATION MANAGEMENT
Lys Rodríguez de Castro Gonzáles 29484 Verónica Herrera Mestizo 30091 Manuela Oberhof 29477 Minyeong Kang 30084
01/02/2011
19/01/2010
1. Explain why OpenID offer users greater convenience and security than the current system
By using the current system, convenience and security are considered as problems, because the different sites have a different ID for the same user and also because most of this sites are not prepared to focus on security.
Getting to a web page using an Open ID, which is a users centric technology, solves this problems, because it is an identity provider and allows the user to have one single ID for all the websites they want to visit and also to control their own IDs.
The “convenience” problem is solved with the Open ID by allowing the user to login in different sites with the same ID in all of them, without registering in each site independently. Identity providers, like My Vidoop on the video, give the user the full control of his identity, so that he can also choose which ID provider he wants to use basing his decision on liability factors. Furthermore, the user of an ID provider can became his own identity provider after a while.
In terms of security, the ID provider is safer for the user because he only needs to trust one site with his login secrets, and as we said, is the user who chooses it when is not himself. 2. What are the possible drawbacks of the OpenID system?
Although it seems that the Open ID system has a lot of advantages, we may not forget that the video showed in the case study is an advertising video from My Vidoop.
This brings us to look for some disadvantages about the new system. First of all, we could mention that since the ID provider is a third
INFORMATION SYSTEMS AND OPERATION MANAGEMENT
Lys Rodríguez de Castro Gonzáles 29484 Verónica Herrera Mestizo 30091 Manuela Oberhof 29477 Minyeong Kang 30084
01/02/2011
19/01/2010
1. Explain why OpenID offer users greater convenience and security than the current system
By using the current system, convenience and security are considered as problems, because the different sites have a different ID for the same user and also because most of this sites are not prepared to focus on security.
Getting to a web page using an Open ID, which is a users centric technology, solves this problems, because it is an identity provider and allows the user to have one single ID for all the websites they want to visit and also to control their own IDs.
The “convenience” problem is solved with the Open ID by allowing the user to login in different sites with the same ID in all of them, without registering in each site independently. Identity providers, like My Vidoop on the video, give the user the full control of his identity, so that he can also choose which ID provider he wants to use basing his decision on liability factors. Furthermore, the user of an ID provider can became his own identity provider after a while.
In terms of security, the ID provider is safer for the user because he only needs to trust one site with his login secrets, and as we said, is the user who chooses it when is not himself. 2. What are the possible drawbacks of the OpenID system?
Although it seems that the Open ID system has a lot of advantages, we may not forget that the video showed in the case study is an advertising video from My Vidoop.
This brings us to look for some disadvantages about the new system. First of all, we could mention that since the ID provider is a third