Monday, August 11, 2008

OpenID and Reputation Service



A Reputation Service is a service that provides reputation information
about a given user identity, IP or server.

A Reputation Service implements a Reputation System, whose definition can be found here: http://en.wikipedia.org/wiki/Reputation_system

Some Reputation Systems provide access to their database by exposing web services.

An example of a reputation service platform is http://www.karmasphere.com.

OpenID implementations can be integrated with a Reputation Service to improve user security.

As shown by the following pictures, there are two main integration scenarios for a Reputation Service in the OpenID context:


  1. Provider side: an OpenID Provider uses a Reputation Service to report the level of reliability of the Relying Parties its user asks to access during
    session setup. It can even reject the login request.




  2. Relying Party side: a Relying Party uses a Reputation Service to verify the level of reliability of an OpenID Provider, providing feedback to the user or even deciding to reject the authentication request.




The third kind of interaction, not considered in this context, is when the user accesses the catalog of a Reputation Service by himself.
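
The decision that both scenarios share, as an added example that is not part of the original post: the Provider would apply it to the Relying Party's realm or return URL, the Relying Party to the Provider's endpoint URL. The lookup function, the 0 to 100 score scale, the thresholds, the warn-on-unknown policy and the sample hosts are all assumptions, not the API of any real Reputation Service.

```python
from urllib.parse import urlsplit

# Constructed sample data standing in for a Reputation Service response.
# Assumed scale: 0 (worst) to 100 (best); hosts are made up.
SAMPLE_SCORES = {
    "op.example.org": 92,
    "new-op.example.net": 55,
    "bad-rp.example.com": 8,
}

def sample_lookup(host):
    """Hypothetical client call: a score, or None when the host is unknown."""
    return SAMPLE_SCORES.get(host)

def party_host(url):
    """Reduce the other party's URL to the host name used as lookup key."""
    parts = urlsplit(url.strip())
    host = parts.hostname
    if parts.scheme not in ("http", "https") or not host:
        raise ValueError("not an http(s) URL: %r" % (url,))
    if host.startswith("*."):  # OpenID 2.0 realms may start with a wildcard
        host = host[2:]
    return host.rstrip(".")

def decide(url, lookup=sample_lookup, reject_below=20, warn_below=70):
    """Return (action, score); action is "allow", "warn" or "reject"."""
    try:
        host = party_host(url)
    except ValueError:
        return ("reject", None)   # cannot even identify the other party
    try:
        score = lookup(host)
    except Exception:
        score = None              # service unavailable: handled as unknown
    if score is None:
        return ("warn", None)     # assumed policy: unknown parties get a warning
    if score < reject_below:
        return ("reject", score)  # the login or authentication request is refused
    if score < warn_below:
        return ("warn", score)    # proceed, but give the user feedback
    return ("allow", score)

if __name__ == "__main__":
    for u in ("https://op.example.org/server", "http://*.bad-rp.example.com/"):
        print(u, decide(u))
```

Whether an unknown or unreachable lookup should warn or reject is a policy choice; a stricter deployment would return "reject" in both of those branches.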
