Other protocols and technologies beyond SAML and OpenID?
Sure! It is a rather new field and many more flowers may sprout over time. One of them is OAuth [8]. On the web page, OAuth is described as: “An open protocol to allow secure API authentication in a simple and standard method from desktop and web applications.” OAuth does not require a specific authentication method. OAuth is very new, the core specification v1.0 was released in December 2007. OAuth claims to have taken the best out of the proprietary protocols like Google AuthSub, AOL OpenAuth, Yahoo BBAuth, Upcoming api, Flickr api, Amazon Web Services api, etc. Another candidate is CardSpace [9] from Microsoft. Wikipedia [10] describes it as follows: “Windows CardSpace (codenamed InfoCard), is Microsoft’s client software for the Identity Metasystem. CardSpace is an instance of a class of identity client software called an Identity Selector. CardSpace stores references to users’ digital identities for them, presenting them to users as visual Information Cards. CardSpace provides a co
