OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

id-cloud message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Gap Analysis: use case 27, Intercloud Document Exchange



Would you care to share here in writing your design thoughts about the Intercloud identity matching/authorization issue we discussed before?  I’ve included below notes from our earlier discussion.


On today’s weekly Gap Analysis call, it seemed potentially helpful to start an email thread for continuing discussion on each of the use cases covered so far on those calls.






Discussed distinction between Federated Identity operations and Provisioning

Provisioning is CRUD operations on top of directories

Federated Identity has a notion of a trusted identity providers

Scenarios 1 and 3 relate to identity setup, and the associated attributes

SAML, SPML, WS-Trust (with claims that could be SAML tokens), OpenId, Oauth

Discussed scenario 2, re authorization to submit documents

In identity terms, this depends on establishing/validating a match between a pre-existing identity in the receiver system, and a newly-provisioned identity triggered by the sender system, based on the matching of certain attributes associated with each of those two identities.


Matt proprosed to come up with a design for such a system, for discussion next time.


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]