[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Gap Analysis Use Case 21: Mobile Customers' Identity Authentication Using a Cloud provider
--- This discussion thread is to start an on-list discussion on the Gap Analysis of individual use cases. Use case numbers refer to the use cases as described in the 'OASIS Identity in the Cloud TC Use Cases' Version 1.0, Working Draft 02, 15 December 2011, which is available at http://www.oasis-open.org/committees/document.php?document_id=44915&wg_abbre v=id-cloud The information below describes the current state. You are invited to respond on-list to this thread with any comments, insights, additions, etc. All input will be gathered from the list and consolidated into the next revision of the Gap Analysis document. --- Use Case 21: Mobile Customers' Identity Authentication Using a Cloud provider Short description: Show how a financial company is able to use a cloud service provider to authenticate its globally-based mobile clients and to connect them to the closest (cloud) physical location for fast response. Relevant applicable standards: - SAML - oAuth - XSPA - WS-Trust Analysis notes: - In mobile, the use of the device in MFA is the distinguishing characteristic - Device id would be one of the attributes/factors involved - Such use requires a device registration process (possibly more than one per account) - Process flow for the use case should probably include the registration and other process steps - Unclear if there is a standard for device registration (profile) - Various keywords from the use case (device, secure hardware, registration, MFA). Research required based on those keywords to identify other potentially relevant standards - This use case may have applicability to healthcare scenarios, so there might be some relevant healthcare standards Possible GAPs identified: ---
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]