[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Gap Analysis: use case 27, Intercloud Document Exchange
Matt, Would you care to share here in writing your design thoughts about the Intercloud identity matching/authorization issue we discussed before? I’ve included below notes from our earlier discussion. On today’s weekly Gap Analysis call, it seemed potentially helpful to start an email thread for continuing discussion on each of the use cases covered so far on those calls. Roger Discussed distinction between Federated Identity operations and Provisioning Provisioning is CRUD operations on top of directories Federated Identity has a notion of a trusted identity providers Scenarios 1 and 3 relate to identity setup, and the associated attributes SAML, SPML, WS-Trust (with claims that could be SAML tokens), OpenId, Oauth Discussed scenario 2, re authorization to submit documents In identity terms, this depends on establishing/validating a match between a pre-existing identity in the receiver system, and a newly-provisioned identity triggered by the sender system, based on the matching of certain attributes associated with each of those two identities. Matt proprosed to come up with a design for such a system, for discussion next time. |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]