Title: A Guide to Claims-Based Identity and Access Control (Second Edition)
Authors: Dominick Baier, Vittorio Bertocci, Keith Brown, Scott Densmore, Eugenio Pace, & Matias Woloski
Publisher: Microsoft Corporation
Version: 2.0
Published: 9/3/2013
Pages: 411
PDF: Claims-based Identity Second Edition device.pdf
Size: 19.3 MB
Price: FREE
Also available in ePUB format
ePUB: ClaimsBasedIdentityandAccessControl.epub
Size: 9.1 MB
Table of Contents
- Chapter 1 – An Introduction to Claims
- Chapter 2 – Claims-Based Architectures
- Chapter 3 – Claims-Based Single Sign-On for the Web and Windows Azure
- Chapter 4 – Federated Identity for Web Applications
- Chapter 5 – Federated Identity with Windows Azure Access Control Service
- Chapter 6 – Federated Identity with Multiple Partners
- Chapter 7 – Federated Identity with Multiple Partners and Windows Azure Access Control Service
- Chapter 8 – Claims Enabling Web Services
- Chapter 9 – Securing REST Services
- Chapter 10 – Accessing REST Services from a Windows Phone Device
- Chapter 11 – Claims-Based Single Sign-On for Microsoft SharePoint 2010
- Chapter 12 – Federated Identity for SharePoint Applications
Description
Claims-based identity seeks to control the digital experience and allocate digital resources based on claims made by one party about another. A party can be a person, organization, government, website, web service, or even a device. The very simplest example of a claim is something that a party says about itself.
As the authors of this book point out, there is nothing new about the use of claims. As far back as the early days of mainframe computing, the operating system asked users for passwords and then passed each new application a “claim” about who was using it. But this world was based to some extent on wishful thinking because applications didn’t question what they were told.
As systems became interconnected and more complicated, we needed ways to identify parties across multiple computers. One way to do this was for the parties that used applications on one computer to authenticate to the applications (and/or operating systems) that ran on the other computers. This mechanism is still widely used—for example, when logging on to a great number of Web sites.