You might have noticed the option to log in to Jaggy Community with either a username and password or OpenID. What is the benefit and significance of OpenID?

 

OpenID is a free and easy way to use a single digital identity across the Internet. With one OpenID you can log in to all your favorite websites and forget about online paperwork. It eliminates the need for multiple usernames across different websites, simplifying your online experience.

For geeks, OpenID is an open, decentralized, free framework for user-centric digital identity. OpenID takes advantage of already existing Internet technology (URI, HTTP, SSL, Diffie-Hellman) and realizes that people are already creating identities for themselves whether it be at their blog, photostream, profile page, etc. With OpenID you can easily transform one of these existing URIs into an account which can be used at sites which support OpenID logins.

OpenID is still in the adoption phase and is becoming more and more popular as large organizations like AOL, Microsoft, Sun, Novell, etc. begin to accept and provide OpenIDs. Today it is estimated that there are over 160 million OpenID-enabled URIs, with nearly ten thousand sites supporting OpenID logins.

 

Who owns or controls OpenID?

OpenID has arisen from the open source community to solve the problems that could not be easily solved by other existing technologies. OpenID is a lightweight method of identifying individuals that uses the same technology framework that is used to identify websites. As such, OpenID is not owned by anyone, nor should it be. Today, anyone can choose to be an OpenID user or an OpenID Provider for free without having to register or be approved by any organization.

 

OpenID - key to unlocking the true potential of E2.0

OpenID can be a small (but key) part of the identity services story. The main problem that OpenID tries to solve is one that most people who use the Internet extensively face: too many usernames and passwords. Instead of having to remember a username/password combo for each website you interact with (Google, Yahoo, Flickr, blogs, etc.), you can set up and use a single OpenID account at all those websites. OpenID also hopes to provide a number of technological advantages to the whole authentication experience by figuring out ways to prevent phishing and pharming attacks.

 

So OpenID's main aim is to provide a secure, scalable solution for the authentication service in the identity stack. To a lesser extent, it also hopes to help the identity provider and authorization services by becoming a transport container for the identity claims that drive these services. OpenID-enabling existing applications for an external audience is already a trivial exercise. It's a simple API, and plugins or toolkits are available for most programming environments. I think the much bigger deal is looking at OpenID from the opposite perspective: using enterprise security infrastructure to support OpenID authentication.

 

Expecting Enterprise 2.0 success by simply adopting the social networking features of Web 2.0 just seems a little naive. For a start, it implies and requires phenomenal change in the social and organizational fabric of a company to get off the ground, and there is no guarantee the benefits will be worth the pain of change. In many organizations it may just be too much, too soon, and fail completely.

Imagine for a moment the ideal world. I would have a corporate identity that works transparently within the enterprise and also for useful external services. And I could keep this quite separate from my personal identity.

The question is how realistically this can be achieved. It will take Identity Management, Web Application providers, and Enterprise Software vendors to support third-party OpenID credentials. This will allow extending corporate identities beyond the boundaries of the organization in a safe and controlled manner.

This will likely be a slow process considering the delayed adoption of the previous contender, SAML (Security Assertion Markup Language), an XML-based standard for exchanging authentication and authorization data between security domains. Part of the delayed adoption is due to the proliferation of non-interoperable proprietary technologies. In addition, there are enormous economic incentives for companies that run social networks to not let users of other networks access their services. Shareholder value is often a function of how many users they have and how hard it is to switch. The harder it is to switch, the more money each user is worth.

Comparing Enterprise Identity with Open Web Identity

And while OpenID itself seems to have the upper hand in terms of market share and competent execution, it’s still too early to declare a winner in the Web identity sweepstakes. However, there’s no reason that enterprises can’t support all the digital identity and open social graph initiatives they find rewarding today, creating an open, successful two-way relationship with the Web and its countless offerings.

 

It’s just another example of how opening up and giving up control on the network can create gains larger than what you relinquish. For it’s clear that while there will be issues with open Web identity, particularly around phishing and other exploits, the advantage of having a single, simple, straightforward network identity for workers wherever they go could be an enormous win for forward-thinking enterprises.