Open identity management framework for mashup

Mashups have emerged as a Web 2.0 phenomenon, connecting disjoint applications together to provide unified services. However, scalable access control for mashups is difficult. To enable a mashup to gather data from legacy applications and services, users must give the mashup their login names and passwords for those services. This is not user-centric and the all-or-nothing approach violates the principle of least privilege and leaves users vulnerable to misuse of their credentials by malicious mashups. To overcome the limitations, this paper proposes an open identity framework, which leverages open identity protocol such as OpenID and OAuth. The framework can bring benefits to all the roles involved in the system in a non-intrusive and user-centric way. Open is a good design principle, and it is also the attitude and sprit of collaboration. We think that a mashup system based on open technologies could make the composition of services easier and accelerate the on-boarding of service providers. Moreover, more customers might also be attracted by the openness of the system.