Part of the Authentication glossary:

OpenID is a decentralized single sign-on authentication system for the Internet. The goal of the OpenID initiative is to allow users to log in at websites around the Internet with one ID, instead of having to create multiple unique accounts.

Next Steps

To use OpenID, a user must initially register with a Web site that supports OpenID. AOL users, for instance, can simply use their screen name because AOL supports OpenID. When visiting other sites that support OpenID, the user logs in with a URL, which in this case would be http://openid.aol.com/screenname.

Previous attempts at universal authentication methods, like Microsoft's Passport or the Liberty Alliance, failed in part because of proprietary implementations. OpenID was developed using the open source software model to be an interoperable protocol independent from any single organization.

As OpenID matures and evolves into a commercially viable, trusted identity provider service, enterprises will be able to consider outsourcing their federated identity management needs to the framework. Key issues to enterprise adoption will be resolving DNS spoofing vulnerabilities and tighter integration with the Security Assertion Markup Language ( SAML ). Today there are over a quarter of a billion OpenIDs and well over 10,000 Web sites that accept them.

This was last updated in March 2008
Posted by: Margaret Rouse

Related Terms

Definitions

  • Real ID

    - Real ID is a driver's license that complies with standards mandated by the United States Real ID Act of 2005. (Continued...) (SearchFinancialSecurity.com)

  • UK Identity Cards Act

    - The UK Identity Cards Act is a framework of enabling legislation for a British National Identity card passed in 2006. The Act has not yet gone into full-scale development or deployment... (Continued) (SearchSecurity.co.UK)

  • OAuth

    - OAuth (Open Authorization) is an open protocol for token-based authentication and authorization on the Internet. OAuth, which is pronounced "oh-auth," allows an end users’ account information to be... (SearchSOA.com)

Glossaries

  • Authentication

    - Terms related to authentication, including security definitions about passwords and words and phrases about proving identity.

  • Security management

    - Terms related to security management, including definitions about intrusion detection systems (IDS) and words and phrases about asset management, security policies, security monitoring, authorizati...

  • Internet applications

    - This WhatIs.com glossary contains terms related to Internet applications, including definitions about Software as a Service (SaaS) delivery models and words and phrases about web sites, e-commerce ...

Ask a Question. Find an Answer.Powered by ITKnowledgeExchange.com

Ask An IT Question

Get answers from your peers on your most technical challenges

Ask Question

Tech TalkComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.
    Back to top