Connecting to internet validating identity
Post authentication, the mobile device will need to obtain an Identity Document, which is a signed JSON document that contains user claims, photos and public keys for U2F devices. To accomplish this, the mobile device will act as a UMA client, and the federation APIs that issue the Identity Document will act as a UMA Resource Server.
The Open Trust Taxonomy for OAuth2 (OTTO) is a working group at the Kantara Initiative which is developing a next-generation standard for multi-party federation. SAML federations such as InCommon have been successful at driving down the technical and legal cost of inter-domain trust and collaboration. OTTO looks to leverage this experience, but update the technology to include new requirements for OAuth2 services. The design of OTTO is well-suited for a mobile solution:
Free open source software for several of the components needed for this project already exists. For example, the Gluu Server has oxAuth, an OAuth2 authorization server. Gluu has also developed the oxPush2 Mobile Application as part of its participation in an NSTIC pilot.
This project includes native applications for both iOS and Android that implement U2F authentication, including key generation, enrollment, and subsequent authentication leveraging elliptic curve encryption.
While not a full implementation of the requirements for this project, oxPush2 would provide a nice starting point.
The solution makes a few assumptions about the environment: While ELMER is designed for offline person recognition, in order to enroll your mobile device, you will need to be connected to the Internet.
The goal of this pilot is to create a solution that leverages free open source components and open protocols to enable the verification of a physically present person’s attributes as asserted by a trusted organization.
Smartphones and open identity federation protocols offer new possibilities to answer these questions about a person standing in front of you, with a device in hand.
At this point, OpenID Connect, a profile of OAuth2 which enables a person to authorize an application to access their identity information, is well suited as a protocol between the mobile device and the Credential Issuer (the organization to which the person belongs).