[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [security-services] Use Cases
Mike, I only just noticed that your use-cases were all session-related. I apologize for not replying to this email earlier. You describe in your use-cases three separate ecosystems (for session usage) that all share an IdP. Each ecosystem may have its own idle timeout value set that does not impact the other ecosystems. Although I'm not finished with a solution proposal, my idea is basically that although you may have a single IdP (or authentication authority), responsible for authenticating users from all ecosystems, you might also have a separate *session* authority for each of the ecosystems. Thus the 20-minute and 1-hour timeout sessions would not cause any issues, as they would have been issued by separate session authorities. The session authorities would refer to an authentication authority (which could be the same one for all, or a different one for each) to provide authentication services. Does that make sense? - JohnK On Thursday, Oct 23, 2003, at 15:51 US/Eastern, Beach, Michael C wrote: > As I agreed, I have attempted to some use cases that Boeing would like > to see addressed. We would implement the described functionality > immediately if it were possible with our technology. The use case > descriptions are attached. > > > This could be considered a draft that may be refined after comments. > > Mike Beach > Associate Technical Fellow > The Boeing Company > (425) 865-4404 > > <CorporateUseCases.doc><smime.p7s>
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]