Presented by: Kenji Takahashi, Senior Research Engineer, Supervisor, NTT, and Liberty Alliance Japan SIG Co-Chair
Password on day of session: iddystrong
NTT has developed SASSO, a personal Identity Provider that enables users to single-sign-on to a PC and leverage the strong authentication capabilities of the mobile phone to conduct a wide range of secure identity-based transactions. SASSO uses the increasingly ubiquitous mobile phone as an Identity Provider (IdP) to allow users to access a Service Provider (SP). Once authenticated by their own mobile phone, the IdP on the mobile phone issues a SAML assertion signed by a private key and sends that assertion to SPs. The application drives strong authentication into online transactions and leverages the convenience and privacy capabilities of the mobile phone to allow users to better control their own identity information.
- Deployment – The application is currently targeted to the mobile industry by leveraging the FirstPass Digital Authentication Service of NTT DoCoMo, but the solution can be applied to any segment and region where strong authentication is required.
- Highlights of User Benefits – SASSO is easy to use, leverages the mobile phone many people already have and does away with “token necklace” problems currently associated with many strong authentication solutions.
- Highlights of Business Benefits – SASSO helps mitigate security risks and increases opportunities for deploying security sensitive services by easily implementing strong authentication. The solution reduces the time and costs of deploying new services and helps reduce customer churn.
- Interoperable Federation Technologies – To realize a “plug and play” usage model, universal interoperability among the implementation of SPs is important. By leveraging the mobile phone as an identity-aware client, SASSO demonstrates a convergence of the OpenID, Cardspace and SAML styles of user-centric identity management
Please direct questions to Dervla O’Reilly, Liberty Alliance, email@example.com