Authentication in the Social Web - Joseph Bonneau - University of Cambridge, Computer Laboratory Security Group
Abstract: The growth of the social web and the large number of websites now including social features has introduced new demands for authentication and identity management online. Websites increasingly allow users to share all or some of their identity across websites, between sites and third party applications, and between non-browser clients and sites. This has brought new challenges for users, who are expected to maintain a large number of passwords and understand an increasingly complicated communications model to avoid fishing. This talk will discuss the complicated state of authentication on the web, from the "open pile" of OpenID, OAuth, Yadis, and others to proprietary protocols like Facebook Connect, Windows CardSpace, Google AuthSub, 3-D Secure and more.
Bio: Joseph Bonneau is a PhD candidate in the Security Group at the University of Cambridge, studying human authentication and the social web. He holds BS and MS degrees from Stanford University where he researched applied cryptography and side-channel cryptanalysis and worked as a cryptographer at Cryptography Research Inc. before moving to Cambridge.