|
Web site users face a set of common problems including determining the legitimacy of sites. The traditional method for users to identify themselves to a Web site—password authentication—has a number of well-known flaws.
Windows CardSpace is client software that enables users to provide their digital identity to online services in a simple, secure, and trusted way.
Each card has some identity data associated with it—though this data is not actually stored in the card—that has either been given to the user by an identity provider such as bank, employer, or government, or created by the users themselves.
Information cards are virtual representations of a person's identity that are assured by a particular party. Information cards are analogous to real-world identity cards such as passports, driver's licenses, credit cards, and employee ID cards.
Information cards are managed on client computers by a software component called an identity selector. An identity selector is a user interface (UI) that appears when a user attempts to authenticate to a Web site that requests an information card. The following figure shows Windows CardSpace—the Microsoft implementation of an identity selector for Windows—in response to a demand for credentials by a Web site.
Advantages of information cards:
-
Information cards are more flexible than simple user names and passwords.
-
Information cards employ strong cryptography, which makes their use more secure than passwords.
-
Information cards can potentially present any type of identity claim that makes sense to all of the interacting parties and which users are willing to release.
|
