The InfoCard System


InfoCard is an identity selector that runs on Windows Vista, Windows XP SP2, and Windows Server 2003 SP1. It ships as part of WinFX along with WCF. However, it is both hoped and expected that there will be identity selectors on other operating systems such as the Apple Mac and Linux. The identity metasystem is inclusive of all technologies and platforms and, to the amazement and disbelief of some, it is entirely possible to build an end-to-end solution without having any Microsoft software whatsoever.

There will, of course, be an Active Directory Security Token Service (AD/STS), but there will also be STSes from other vendors and on other platforms. Indeed there is already an STS implementation on Linux by Ping Identity. To test the true interoperable nature of the technology, Kim Cameron runs his blog on the LAMP stack and uses InfoCard to log in!

Now that we're a few pages into a chapter on InfoCard, it's high time I provided a one-paragraph definition of InfoCard that tries to encapsulate its qualities:

The InfoCard system is a new feature of Windows that allows users to control the use of their digital identity via the simple and familiar metaphor of a set of cards. When a user wants to access an online service, rather than providing his username and password or filling in a form, he selects an appropriate card from a special, security-hardened UI. This "InfoCard" represents the digital identity of the user and enables the service to receive the data it needs to authenticate and authorize the user. This information is provided in a secure and consistent way by identity providers such as the user's employer, his bank, his government, or indeed the user himself. It is an interactive system and the user can determine exactly what information is disclosed and to whom, while the identity provider asserts the validity of the information. By utilizing standard interoperable protocols such as WS-Security and WS-Trust, the system is able to provide users with a simple, consistent, and secure sign-on experience to trusted websites and Web services.

In other words, in the same way I might present my driver's license in an American bar to prove I'm older than 21, or use my gym card to prove I'm a member of my gym, or provide my passport to prove I'm British, I can use a virtual card to assert one or more claims (for example, "I am older than 21") when interacting with a website or service.

Perhaps the easiest thing to do at this point is to create a card and then you'll get a better idea of what I'm talking about.

When you install WinFX, you should find a new icon in your Control Panel (classic view please).

If you double-click this, you should get the dialog shown in Figure 14.2.

Figure 14.2. The InfoCard Add Cards dialog.


As you can see, there are two types of cards, personal cards and provider cards. The names are reasonably descriptive: provider cards (also known as managed cards) are given to you by an identity provider such as your bank, your company, or your government; personal cards (also known as self-issued cards) are created by you personally. Their most common use is to log in to websites where you use a username and password today. If you have a user account at a website today, you can use an InfoCard tomorrow; the site just needs to add InfoCard support alongside the username and password support it already has, and this process has been designed to be as simple and as nondisruptive as possible.

You can create several personal cards to represent your identity in different contexts. For example, your Xbox Live identity is likely to be different from your Amazon identity. You can also use the same card in different contexts: for example, a card providing minimal information for use at sites where you don't want to reveal things like your address or email address. The same principles apply to provider cards: You can have more than one card from a single identity provider and use the same card in many different places (an InfoCard representing your credit-card details would be pretty useless otherwise!).

Go ahead and create some personal cards and experiment with exporting and importing them. Open the exported .crds file in Notepad to see what it looks like.

There are only 12 claims associated with personal cards:

GivenName

Surname

EmailAddress

StreetAddress

Locality

StateOrProvince

PostalCode

Country

PrimaryPhone

DateOfBirth

Gender

PrivatePersonalIdentifier

It is up to you what values you put in the 11 claims that appear in the UI. The one that doesn't appear in the UI is the PrivatePersonalIdentifier (PPID). It is generated by the InfoCard system and is what, when you're using a personal card, uniquely identifies you to a site. Without a PPID it would be impossible to provide a consistent, personalized experience if the only claims you provided were GivenName = "Maria", Surname = "Gonzalez", and StateOrProvince = "CA": there are 10,000 Maria Gonzalezes in LA county alone (this is known in identity circles as the "Maria Gonzales problem"!).

InfoCard's main purpose in life is to help users to authenticate and be authorized at websites and services in a simple, secure, and flexible way. It enables identity providers to supply claims for those sites to consume. It's important to understand that InfoCards enable the user to retrieve personal identity information from identity providers but InfoCards do not contain claims.

InfoCards contain metadata concerning which claims can be provided and where and how to get them. They do not contain identity data, but only metadata (that is, data about the data). Nor do cards actually go anywhere off the user's machine (across the wire). They stay on the client machine unless the user decides to export them or they are roamed within a domain.

Let's go through an example to make this clearer. Suppose my bank gives me an InfoCard to represent my credit-card information. The bank emails me a signed .crd file and I import it (naturally, since InfoCards are metadata, their ultimate expression is as an XML document). When I use that card to make a payment at a website, the InfoCard system sends an RST (a WS-Trust RequestSecurityToken) to the bank's security token service (the IP/STS) and I get back an RSTR (RequestSecurityTokenResponse) with a signed, encrypted security token with the credit-card data in it, ready to pass on to the website (the RP) provided that I, the user, give my consent to release that information. It is security tokens containing claims that pass over the wire, not cards. In the end, choosing an InfoCard is just an elegant way to get hold of a security token.

The semantics of using a personal card are exactly the same as for a provider card. The card contains details about which claims can be retrieved, where they are, and how to get them; the only difference is that in this case the security token service is local and the data is sitting on my hard disk.
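To make the two points above concrete (cards hold metadata, while claims travel only inside a token returned by an STS in response to an RST) and to show why the PPID from the earlier paragraph is needed to tell two "Maria Gonzalez, CA" cards apart, here is an added toy model of the personal-card flow. It is illustrative code written for this page, not code from the book or from the InfoCard product: the card layout, the "local://self-issued-sts" endpoint, the relying-party URLs, the HMAC that stands in for the real XML signature, and the simplified PPID derivation (a hash over the relying party's identity and the card id) are all assumptions.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass, asdict

# Claim names exactly as the chapter lists them for personal cards.
PERSONAL_CARD_CLAIMS = (
    "GivenName", "Surname", "EmailAddress", "StreetAddress", "Locality",
    "StateOrProvince", "PostalCode", "Country", "PrimaryPhone",
    "DateOfBirth", "Gender", "PrivatePersonalIdentifier",
)


@dataclass(frozen=True)
class InfoCard:
    """A card as it would be exported: metadata only. There is no field
    anywhere for claim *values* (constructed layout, not the real .crd schema)."""
    card_id: str
    issuer: str              # "self" for a personal card, else the provider's name
    sts_endpoint: str        # where the RST is sent (constructed value below)
    supported_claims: tuple  # which claims the STS can supply


def card_carries_no_claim_values(card: InfoCard, values: dict) -> bool:
    """Sanity check: none of the user's data appears in the serialized card."""
    serialized = json.dumps(asdict(card))
    return not any(v in serialized for v in values.values())


class SelfIssuedSts:
    """Local STS backing personal cards. The claim values sit on the user's
    disk (a dict here) and leave only inside a token the user consented to."""

    def __init__(self, signing_key: bytes):
        self._key = signing_key
        self._store = {}  # card_id -> {claim name: value}

    def store_card_data(self, card: InfoCard, values: dict) -> None:
        unknown = set(values) - set(PERSONAL_CARD_CLAIMS)
        if unknown:
            raise ValueError(f"not a personal-card claim: {sorted(unknown)}")
        if "PrivatePersonalIdentifier" in values:
            raise ValueError("the PPID is generated by the system, not typed in")
        self._store[card.card_id] = dict(values)

    def ppid(self, card_id: str, relying_party: str) -> str:
        # Assumption (simplified): hash of the RP identity and the card id, so
        # one card gives a stable identifier at a site and a different one elsewhere.
        return hashlib.sha256(f"{relying_party}|{card_id}".encode()).hexdigest()

    def issue(self, rst: dict, consented: set) -> dict:
        """Take an RST, return an RSTR carrying a signed token of claims."""
        card_id, rp = rst["card_id"], rst["relying_party"]
        data = self._store[card_id]
        claims = {}
        for name in rst["requested_claims"]:
            if name not in consented:
                continue  # the user declined to release this claim
            if name == "PrivatePersonalIdentifier":
                claims[name] = self.ppid(card_id, rp)
            elif name in data:
                claims[name] = data[name]
        payload = {"issuer": "self", "audience": rp, "claims": claims}
        body = json.dumps(payload, sort_keys=True).encode()
        # HMAC stands in for the XML signature a real STS would apply.
        signature = hmac.new(self._key, body, hashlib.sha256).hexdigest()
        return {"token": {"payload": payload, "signature": signature}}


def verify_token(token: dict, key: bytes) -> dict:
    """What the relying party does: check the signature, then read the claims."""
    body = json.dumps(token["payload"], sort_keys=True).encode()
    expected = hmac.new(key, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, token["signature"]):
        raise ValueError("token signature does not verify")
    return token["payload"]


def run_flow() -> dict:
    """Two personal cards with identical visible claims, used at two sites."""
    key = b"constructed-demo-key"
    sts = SelfIssuedSts(key)
    values = {"GivenName": "Maria", "Surname": "Gonzalez",
              "StateOrProvince": "CA", "StreetAddress": "1 Example St"}
    cards = [InfoCard(f"card-{i}", "self", "local://self-issued-sts",
                      PERSONAL_CARD_CLAIMS) for i in (1, 2)]
    for card in cards:
        sts.store_card_data(card, values)

    requested = ["GivenName", "Surname", "StateOrProvince",
                 "StreetAddress", "PrivatePersonalIdentifier"]
    consented = set(requested) - {"StreetAddress"}  # user withholds the address
    out = {"card_has_no_values":
           all(card_carries_no_claim_values(c, values) for c in cards)}
    for rp in ("https://shop.example", "https://forum.example"):
        for card in cards:
            rst = {"card_id": card.card_id, "relying_party": rp,
                   "requested_claims": requested}
            rstr = sts.issue(rst, consented)
            out[(rp, card.card_id)] = verify_token(rstr["token"], key)["claims"]
    return out


if __name__ == "__main__":
    for k, v in run_flow().items():
        print(k, v)
```

Running it shows the serialized cards containing none of Maria's data, the withheld StreetAddress absent from every token, and the two otherwise identical cards arriving at the same site with different PPIDs (and the same card carrying a different PPID at each site), which is exactly what lets a site recognise a returning user without being able to correlate her across sites.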

Extending this model further, in the near future we will have portable security token services (pSTSes) that contain personally identifiable information. These will come in all shapes and sizes: thumb drives, mobile phones, and Pocket PCs. There might even be a use for those fancy digital wristwatches that Bill Gates promotes every couple of years or so. These solutions will provide both mobility and security but the concept is exactly the same: The InfoCard points to an STS that provides security tokens containing claims.

Personal cards provide some of the most commonly used claims, but it is hardly an exhaustive list (er, 12). This is by design. By including these basic claims, InfoCard helps the user avoid some tediously repetitive typing, but these are not exactly interesting claims. And that is the whole point: There's not much incentive for a bad guy to go looking for this information. It would be easier to look in the phone book! We are purposely avoiding having a honeypot of personal information on the user's machine. The cards that represent the really interesting data are the provider cards, and all that they have in them is metadata. It's my bank's server that has my account details and it's the government-run server that has my Social Security information, which is, of course, exactly how it should be.




Microsoft Windows Communication Foundation: Hands-on
ISBN: 0672328771
Year: 2006
Pages: 132
