Arcot Advisor
THE AUTHENTICATION AUTHORITY™ APRIL 2008
   

Arcot Offers OpenID

OpenIDHave you heard about OpenID? Supporters of this open-source, single digital identifier hope to give users a consistent and stable means of accessing sites across the Internet.

What's the point?

The idea is that a user can go to an OpenID "provider" to create one Internet-wide identity. By using OpenID, the user can move freely among sites, without needing to remember a lengthy list of usernames and passwords. (Say goodbye to all those sticky notes and Outlook memos.) The OpenID will transfer with the user, regardless of changes to the user's email address or Web site. And OpenID can free a user from needing to create an account every time he or she wants access to a new Web site. From a site-management perspective, accepting OpenID (or operating as an OpenID "consumer") may simplify account management and improve user satisfaction.

Arcot Chief Technology Officer (CTO) Jim Reno explains the process. "As a user, I go to an OpenID provider to get my ID. I go to a consumer site, and provide my OpenID when I want to log in. The consumer and provider sites work together to identify me. The provider says, 'I assert that this person has ownership of this identifier.' And the consumer says, 'Fine, I'll use that ID to track the user or account, and whenever I need to authenticate, I'll come back to you for that authentication.'"

Old idea, new approach

A single sign-in isn't a new idea. In 1994, Yahoo! had the idea of a single sign-in portal. That concept spread to Microsoft, Google and other site vendors. All three companies currently have members sitting on the corporate board of the OpenID Foundation.

"One advantage," says Reno, "is that OpenID doesn't require relationships between players. If you want to become an OpenID provider, you just do. You create or obtain the necessary software, set up your identity provider, and bang! You're now providing OpenID. And if you want to use OpenIDs as the authentication mechanism for your users, you just do so."

As yet, the number of OpenID consumer sites is still small, but is growing. Current consumer sites that are using OpenID include LiveJournal, Zooomr and WikiTravel. Yahoo! announced support this past January, and Google began providing IDs soon after. Pundits expect Wikipedia to sign on soon.

ArcotID provides strong authentication

Arcot has announced plans to serve as an OpenID provider, using ArcotID as the underlying authentication process. We demonstrated this new capability at April's RSA Conference 2008 in San Francisco, Calif. Attendee reception was positive.

"Strong authentication is the added value that Arcot brings as an OpenID provider," says Carol Alexander, vice president of marketing at Arcot. "Anyone who wants to support ArcotID for authentication can do so immediately, without integrating any software and with the assurance of strong authentication."

For more information about supporting ArcotID as an OpenID identifier, visit www.arcot.com or call 1-866-99-ARCOT.


Click here for a printable version of this page.