Windows CardSpace empowers organizations to prevent identity theft and systematically address a broad spectrum of security and privacy challenges. Understanding Windows CardSpaceis the first insider's guide to Windows CardSpace and the broader topic of identity management for technical and business professionals. Drawing on the authors' unparalleled experience earned by working with the CardSpace product team and by implementing state-of-the-art CardSpace-based systems at leading enterprises, it offers unprecedented insight into the realities of identity management: from planning and design through deployment. Part I introduces the fundamental concepts of user-centered identity management, explains the context in which Windows CardSpace operates, and reviews the problems CardSpace aims to solve. Next, the authors walk through CardSpace from a technical standpoint, describing its technologies, elements, artifacts, operations and development practices, and usage scenarios. Finally, they carefully review the design and business considerations associated with architecting solutions based on CardSpace or any other user-centered identity management system. Coverage includes * The limitations of current approaches to authentication and identity management* Detailed information on advanced Web services* The Identity Metasystem, the laws of identity, and the ideal authentication system* Windows CardSpace: What it is, how it works, and how developers and managers can use it in their organizations* CardSpace technology: user experience, Information Cards, private desktops, and integration with .NET 3.5 and Windows Vista* CardSpace implementation: from HTML integration through federation, Web services integration, and beyond* Adding personal card support to a website: a detailed, scenario-based explanation* Choosing or becoming an identity provider: opportunities, business impacts, operational issues, and pitfalls to avoid* Using CardSpace to leverage trust relationships and overcome phishing Whether you're a developer, security specialist, or business decision-maker, this book will answer your most crucial questions about identity management, so you can protect everything that matters: your people, your assets, your partners, and your customers. Foreword xv Preface xviii Part I Setting the Context Chapter 1: The Problem 3 The Advent of Profitable Digital Crime 4 Passwords: Ascent and Decline 29 The Babel of Cryptography 36 The Babel of Web User Interfaces 79 Summary 84 Chapter 2: Hints Toward a Solution 87 A World Without a Center 89 The Seven Laws of Identity 92 The Identity Metasystem 110 Trust 115 WS-* Web Services Specifications: The Reification of the Identity Metasystem 136 Presenting Windows CardSpace 161 Summary 164 Part II THE TECHNOLOGY Chapter 3: Windows CardSpace 169 CardSpace Walkthroughs 169 Is CardSpace Just for Websites? 175 System Requirements 176 What CardSpace Provides 177 A Deeper Look at Information Cards 184 Features of the CardSpace UI 204 Common CardSpace Management Tasks 210 User Experience Changes in .NET Framework 3.5 218 Summary 221 Chapter 4: CardSpace Implementation 223 Using CardSpace in the Browser 224 Federation with CardSpace 248 CardSpace and Windows Communication Foundation 252 CardSpace Without Web Services 262 Summary 268 Chapter 5: Guidance for a Relying Party 269 Deciding to Be a Relying Party 270 Putting CardSpace to Work 274 Privacy and Liability 299 Summary 302 Part III PRACTICAL CONSIDERATIONS Chapter 6: Identity Consumers 305 Common Misconceptions about Becoming an Identity Provider 306 Criteria for Selecting an Identity Provider 309 Relying on an IP 315 Migration Issues 320 Summary 321 Chapter 7: Identity Providers 323 Uncovering the Rationale for Becoming an Identity Provider 324 What Does an Identity Provider Have to Offer? 334 Walking a Mile in the User's Shoes 338 An Organization's Identity 341 Summary 342 Index 343
Publisher: Pearson Education (US)
Weight: 712 g
Dimensions: 233 x 181 x 25 mm
You may also be interested in...
Please sign in to write a review
Thank you for your reservation
Your order is now being processed and we have sent a confirmation email to you at
When will my order be ready to collect?
Call us on or send us an email at
Unfortunately there has been a problem with your order
Please try again or alternatively you can contact your chosen shop on or send us an email at