7

Identity Providers

Managed Cards, unlike Personal Cards, are created by an identity provider (IP) and given to a person. When the cardholder visits a site and wants to use the card, he must first authenticate himself to the IP, which creates the token with the appropriate data and passes it back to the user, who may in turn pass it to a relying party (RP). The card itself contains nothing more than the metadata of the information it represents. It is stored on the user’s computer in an encrypted data file, but it can be used only to request the data from the security token service that the IP has encoded into the card.
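The flow described above, sketched as an added example that is not taken from the book or from CardSpace itself. All names, accounts and keys are constructed, and an HMAC stands in for the IP's signature so the sketch runs with the standard library alone. The point to notice is that the card carries claim types and the STS address but no claim values, and that the RP checks the token before trusting anything in it.

```python
import hashlib
import hmac
import json

# Constructed demo values; every name below is hypothetical.
IP_SIGNING_KEY = b"demo-ip-signing-key"  # stand-in for the IP's signing key
IP_ACCOUNTS = {"alice": {"password": "correct horse",
                         "claims": {"givenname": "Alice",
                                    "email": "alice@example.test"}}}

# The managed card: issuer, STS endpoint and claim *types* only, no claim values.
MANAGED_CARD = {"card_id": "card-0001", "issuer": "ip.example.test",
                "sts_endpoint": "https://ip.example.test/sts",
                "supported_claims": ["givenname", "email"]}


def _sign(body: bytes) -> str:
    return hmac.new(IP_SIGNING_KEY, body, hashlib.sha256).hexdigest()


def sts_issue_token(card, username, password, requested, audience):
    """IP side: authenticate the cardholder, then build and sign the token."""
    account = IP_ACCOUNTS.get(username)
    if account is None or not hmac.compare_digest(
            account["password"].encode(), password.encode()):
        raise PermissionError("authentication to the IP failed")
    if not set(requested) <= set(card["supported_claims"]):
        raise ValueError("card does not offer a requested claim")
    body = json.dumps({"issuer": card["issuer"], "audience": audience,
                       "claims": {c: account["claims"][c] for c in requested}},
                      sort_keys=True).encode()
    return {"body": body.decode(), "sig": _sign(body)}


def rp_accept(token, expected_issuer, own_name):
    """RP side: check integrity, issuer and audience before trusting a claim."""
    if not hmac.compare_digest(_sign(token["body"].encode()), token["sig"]):
        raise ValueError("token was modified or not issued by the IP")
    data = json.loads(token["body"])
    if data["issuer"] != expected_issuer or data["audience"] != own_name:
        raise ValueError("token not meant for this relying party")
    return data["claims"]
```

In a real deployment the RP would verify the IP's signature with the IP's public key rather than share a secret with it; the shared HMAC key here is only a simplification.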

Users expect a great deal from an IP

Rationalizing the decision to become an IP is more than just declaring to do so. An ...

Get Understanding Windows CardSpace: An Introduction to the Concepts and Challenges of Digital Identities now with the O’Reilly learning platform.
