Submission to Sprint Innovate: Why Sprint should support OpenID Connect

1
Submission to Sprint Innovate Why Sprint
should support OpenID Connect

• Sprint should support the OpenID Connect protocol
  for authentication. Sprint has a lot of
  customers. Telcos are in a superlative position
  to authenticate people using mobile devices.
•  
• However, how can websites use the sprint.com
  domain to authenticate people?
•  
• I suggest Sprint aligns with the OpenID Connect
  standard. Further I propose that Sprint use the
  open source OX platform to do this.
•  
• Google open sources the client API to
  authenticate people, but it doesnt publish the
  server code it uses. The Gluu project provides
  the best implementation of the new OpenID Connect
  protocol.
•  
• Sprint should align with the same authentication
  protocol as Google, Facebook, Yahoo and
  Microsoft, and other consumer IDPs. There is no
  point in writing your own code to implement
  OpenID Connect when you can use open source
  software. And by supporting open source, you can
  help the ecosystem.

2
Frankly you have no interest in your partners
doing a bad job of authentication. Its a win win
Gluu is a small company. We are struggling to
fund this open source software and maintain our
lead. I think there are several ways we could
help Sprint, and you can help Gluu, and that you
can help make the Internet a safer place by
opening up your platform for third party
authentication.   Q A The specifics of your
Opportunity   Who are your competitors?   Our
competitors include Ping Identity, ForgeRock, CA
SiteMinder, IBM Tivoli Access Manager, RSA
ClearTrust, Oracle Access Manager, OneLogin,
Okta, StormPath   What differentiates your
solution from your competitors?   There is only
one other open source platfrom ForgeRock. That
platform was designed in the early 2000s. It is
not easy, and it doesnt support the new OAuth2
profiles (OpenID Connect / UMA) that are needed
by mobile developers.   What would be the benefit
of using this solution?
3

• Sprint could support standard APIs for
  authentication and authorization, and enable an
  ecosystem of partners to authenticate Sprint
  customers via Internet standard API.
• How is this better than Sprints current
  solution?
• Supporting standards is important because we live
  in a world where there are multiple consumer
  IDPs, and if a website needs a special API to use
  your IDP, it will probably just not support you.
• What is the cost of your solution?
• Gluu sells support on its product. However, I
  think there might be some sponsored
  co-development opportunities.
• Who are some of your current customers?
• Toshiba uses Gluu to deliver authentication for
  its Cloud TV Service in Japan and Europe (and
  soon in the US). We have more than 20 university
  customers, in addition to a number of large
  enterprise customers.

4
We also are designing an authentication/authorizat
ion platform for the State of TX K-12 students,
and a citizen authentication platform for the
Philippines (90M users). In the telecom industry,
we worked with British Telecom on a multi-year
VOIP project, and have advised Rackspace on the
design of their authentication system. Do you
have any additional information or
comments? Please check the latest OpenID Connect
test results. Look in the last column for Gluu,
and you can see that our server is currently the
most comprehensive implementation of an OpenID
Connect Provider. Article Resource-http//theglu
userver.wordpress.com/2013/11/22/submission-to-spr
int-innovate-why-sprint-should-support-openid-conn
ect/