OAuth and Fine Grained User Controlled Authorization
By rajeev on Sep 13, 2008
There is a lot of buzz around OAuth. It provides a very simple and secure way for users to give access to their personal data. At the core of the protocol is a token access protocol between service providers (where personal data exists) and consumers (the entities requesting personal data), and a mechanism to interact with the user for allowing the data access.
Mere implementation of the OAuth protocol is not sufficient for a practical deployment - two key functions need to be supplied to make it useful:
I plan to provide a technical deep dive into how OpenSSO provides these functions in upcoming blogs. Earlier incarnations of OpenSSO (Access Manager 7.x) have already delved into solving this problem as part of the Liberty Interaction Service implementation. For people not familiar with this protocol, the Liberty Alliance's Interaction Service, in collaboration with the Liberty Discovery Service, provides functionality similar to OAuth, going a step further by taking privacy and interoperability into consideration, but at the expense of some complexity in its implementation.
Hope to cover the following: