pREST
Peter Rybár, Elastic Solutions & Technologies


SWID (Single Web ID) is an identity management protocol and "Single Sign On" solution for portal web applications.

What is SWID?

SWID is a safer, faster, and easier way to log in to websites. SWID allows you to use an existing account to sign in to multiple websites, without needing to create new passwords. SWID is a decentralized authentication protocol that makes it easy for people to sign up and access web accounts.

SWID schema

You may choose to associate information with your SWID that can be shared with the websites you visit, such as a name or email address. With SWID, you control how much of that information is shared with the websites you visit.

With SWID, your password or certificate is only given to your identity provider, and that provider then confirms your identity to the websites you visit. Other than your provider, no website ever sees your password, so you don’t need to worry about an unscrupulous or insecure website compromising your identity.

Benefits of SWID

Centralize Identity Management
Users can be centrally managed via a single administration interface.
SSO, Log in Once
Single sign-on (SSO) is a mechanism that consolidates the authentication process of multiple services into one spot. This connection allows users to be logged into multiple services when they sign in to one. Single sign-on support means users authenticate once and are automatically logged in to everything.
Make life easy for your users – give them one username and password to log in to all the applications they need access to.
Minimize Password Security Risks
Many web users deploy the same password across multiple websites. And since traditional passwords are not centrally administered, if a security compromise occurs at any website you use, a hacker could gain access to your password across multiple sites. With SWID, passwords are never shared with any websites, and if a compromise does occur, you can simply change the password for your SWID, thus immediately preventing a hacker from gaining access to your accounts at any websites you visit.
Integrate Your Apps
Give web application developers one login interface – no need to implement login pages for each new web application.
Connectors to Everything
Use any connectors for identity storage (Active Directory, LDAP, Sun, eDirectory, Directory Server), or create your own custom connector.
Reduces phishing
Phishing is a criminally fraudulent process where victims are tricked into giving criminals sensitive information such as their usernames and passwords. Phishing causes damage to individuals (e.g. taking their money) and institutions (e.g. preventing all users from sending e-mails).
Some types of phishing present users with a web page asking them to enter their username and password. If users are accustomed to seeing one and only one screen when entering their credentials (such as is the case in a single sign-on system), it may be easier for them to identify phishing attacks of this type.
Speeds up development
Creating a website that requires user authentication is not as trivial as it may seem. Authentication systems take time to develop, implement, and maintain. Using a single sign-on system reduces or removes a lot of that work from the development process. That means your friends in web Services will have more time to work on more interesting and exciting things, which benefits everybody.
Easier to secure
In authentication systems, security is extremely important. Security can also be challenging. Making sure that passwords are transmitted and stored in a secure way can be difficult to perfect. If there are twelve different ways to log in, each of those ways needs to be just as secure as the others. Single sign-on allows us to focus our efforts on making one spot secure.
Fewer passwords to remember
It is the nature of single sign-on systems for each user to have only one username and password that allows them to log in to all of the connected services. This keeps everybody more secure and clears out space in your mind for more important things, like your partner’s birthday.
Saves time and effort
While logging in may not seem like a significant amount of time and effort, it can add up. Moreover, frequent logins discourage users from using your portal.