This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
Closed-Loop Authentication
Closed-Loop Authentication

Version management

Difference between version and

At line 1 added 20 lines
!!! Overview
[{$pagename}] is when the same party that provided [Credential Enrollment] provides the [Authentication].
Today, most web [Authentication] is [{$pagename}], including:
* traditional two-party [authentication] with username and [password]
* third-party login where a [Relying Party] redirects the browser to an [Identity Provider (IDP)] who [authenticates] the user and redirects the browser back to the [Relying Party], asserting the user's identity
In contrast, [Open-Loop Authentication] user attributes are asserted by a party that is not directly involved in the [Authentication] process.
In [{$pagename}] the [Identity Provider (IDP)] is involved in the [Authentication] process by verifying possession of the [credential] by the device.[1]
In third-party [{$pagename}], the [credential] authority is an [Identity Provider (IDP)], which asserts the user attributes to a [Relying Party] only after verifying possession of the [credential] by the device. In two-party authentication, there is only one party besides the user’s device, so two-party authentication can only be closed-loop [authentication].
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [http://pomcor.com/2013/04/03/closed-loop-vs-open-loop-authentication/|http://pomcor.com/2013/04/03/closed-loop-vs-open-loop-authentication/|target='_blank'] - Retrieved 2013-04-10
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop