Some of those techniques mainly aim to harden the authentication
process (for example, relying on asymmetric cryptography
rather than shared secrets). The use of client certificates, regardless
of the form factor in which they are made available, is an
example of that. We discuss this in more detail in the section
"Certificate-Based Client Authentication Schemes."

Sharing identities across boundaries is a common problem

Many different authentication schemes are in use today

Another category of authentication techniques not only goes
beyond the shortcomings of passwords, but also tries to solve
the hostage identity problem described in the "HTTPS,
Authentication, and Digital Identity" section. A username
and password usually just unlock information already residing
on the service (your digital identity in that context), whereas those new
techniques try to obtain a portable version of the same information
so that it can be reused elsewhere. In other words, those
methods devise a new kind of credential that is actually descriptive
of the identity it represents. Security Assertion Markup
Language (SAML) and Kerberos are good examples of those
techniques.