decentralized-id.github.io/_posts/web-standards/2022-12-12-fido-alliance.md
⧉ infominer c232997115 cleanup
2022-12-12 06:49:53 -05:00

2.1 KiB

published
false

FIDO

  • Integrating W3C Web Authentication (FIDO2) and Verifiable Credentials

    This is the presentation that I gave on 21 and 22 September 2020 to the UK NHS
    "INTEROPen Presents: Staff Access Hackathon" virtual workshop

  • W3C Verifiable Credentials - Kent Branchpdf

    The speaker will introduce the W3C Verifiable Credentials Data Model, which was published as a Proposed Recommendation in September 2019. Verifiable Credentials are the latest development in identity management and are fundamentally different from today's federated identity management systems such as SAML and OpenID Connect.

    David will describe the VC ecosystem and data model. He will then describe the prototype implementation which was built with colleagues from the University of Toulouse. They built a prototype system, which uses Fast Identity Online (FIDO) for user authentication, meaning that usernames and passwords are no longer needed. A pilot application was tested with a small sample of NHS patients and the speaker will present the results of this trial.

  • Improved Identity Management with Verifiable Credentials and FIDO

    We describe how FIDO and W3C VCs can overcome the problems of existing identity management systems. We describe our conceptual model and architecture, and the protocol we used by extending FIDO's UAF in order to provide both strong authentication and strong authorization. We built a pilot implementation for U.K. NHS patients to validate our implementation. Patients were able to use a mobile phone with a fingerprint reader to access restricted NHS sites in order to make and cancel appointments and order repeat prescription drugs. Our initial user trials with 10 U.K. NHS patients found the system to be easy to use, and fingerprints to be preferable to using usernames and passwords for authentication.