OpenID Enhanced Authentication Profile (EAP) Working Group

Presentation transcript:

OpenID Enhanced Authentication Profile (EAP) Working Group
October 16, 2017
Michael B. Jones
Identity Standards Architect – Microsoft

What is the EAP WG?
Charter at http://openid.net/wg/eap/ …
“Develop a security and privacy profile of the OpenID Connect specifications that enable users to authenticate to OpenID Providers using strong authentication specifications. The resulting profile will enable use of IETF Token Binding specifications with OpenID Connect and integration with FIDO relying parties and/or other strong authentication technologies.”

Two EAP Specifications
- Token Bound Authentication: defines how to apply Token Binding to OpenID Connect ID Tokens
  http://openid.net/specs/openid-connect-token-bound-authentication-1_0.html
- EAP ACR Values: defines “acr” values for strong authentication profiles
  http://openid.net/specs/openid-connect-eap-acr-values-1_0.html

Token Binding Update
- IETF Token Binding specs ready for IETF last call
- OAuth Token Binding spec: defines Token Binding of OAuth 2.0 access tokens, refresh tokens, and authorization codes
- Connect Token Binding spec: defines binding of OpenID Connect ID Tokens
- Refinements to phase-in logic about to occur
- Implementation available for interop testing, created by Brian Campbell
- See https://www.ietf.org/mail-archive/web/unbearable/current/msg01332.html

Two ACR Values Defined
- “phr” – Phishing-Resistant: An authentication mechanism where a party potentially under the control of the Relying Party cannot gain sufficient information to be able to successfully authenticate to the End User's OpenID Provider as if that party were the End User.
- “phrh” – Phishing-Resistant Hardware Protected: An authentication mechanism meeting the requirements for phishing-resistant authentication above in which additionally information needed to be able to successfully authenticate to the End User's OpenID Provider as if that party were the End User is held in a hardware-protected device or component.
- Phishing-Resistant definition based on 2008 OpenID Provider Authentication Policy Extension (PAPE) spec
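
An added example (not from the slides or the EAP specifications): a relying party asks for the “phr”/“phrh” values through the OpenID Connect acr_values request parameter and then checks the acr claim of the returned ID Token, because the provider is not obliged to honor the request. The endpoint, client_id and claim values are constructed placeholders, and the claims are assumed to come from an ID Token whose signature, issuer, audience and nonce were already validated.

```python
from urllib.parse import urlencode

# For each required level, the acr values that satisfy it. "phrh" meets every
# "phr" requirement plus hardware protection, so it is acceptable for both.
SATISFIES = {
    "phr": {"phr", "phrh"},
    "phrh": {"phrh"},
}

def build_auth_request(authorization_endpoint, client_id, redirect_uri,
                       state, nonce, required_acr):
    """Build an authentication request asking for required_acr or stronger."""
    # acr_values is space-separated, in order of preference (strongest first).
    preferred = [a for a in ("phrh", "phr") if a in SATISFIES[required_acr]]
    params = {
        "response_type": "code",
        "scope": "openid",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "state": state,
        "nonce": nonce,
        "acr_values": " ".join(preferred),
    }
    return authorization_endpoint + "?" + urlencode(params)

def acr_meets(claims, required_acr):
    """True only if the validated ID Token claims carry an acceptable acr.

    A missing, non-string or weaker acr is rejected: the request parameter
    is a preference, so the check on the response is what enforces policy.
    """
    acr = claims.get("acr")
    return isinstance(acr, str) and acr in SATISFIES[required_acr]

if __name__ == "__main__":
    # Constructed placeholder values, for illustration only.
    print(build_auth_request("https://op.example/authorize", "rp-client-1",
                             "https://rp.example/cb", "st-123", "n-456", "phr"))
    for claims in ({"sub": "u1", "acr": "phrh"},   # hardware-protected: accepted
                   {"sub": "u1", "acr": "phr"},    # accepted for "phr" only
                   {"sub": "u1"}):                 # no acr claim: rejected
        print(claims, acr_meets(claims, "phr"), acr_meets(claims, "phrh"))
```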

Status
- Working group active
- Chairs: Mike Jones and Brian Campbell
- Calls scheduled every two weeks on Thursdays
- For more info see the working group page: http://openid.net/wg/eap/