Changes between Version 20 and Version 21 of T12_Security/ESG/LoginAttributeRequestAndAuthorizationPushAndPullModel


Ignore:
Timestamp:
08/09/08 15:09:51 (11 years ago)
Author:
pjkersha
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • T12_Security/ESG/LoginAttributeRequestAndAuthorizationPushAndPullModel

    v20 v21  
    22= ESG - NDG Security Use Cases for Login, User Registration and Authorization = 
    33[[PageOutline]] 
    4 These use cases aim to demonstrate the proposed solution for access control following recent discussions with the ESG development team.  The aim is to demonstrate a proposed push and pull model for user attribute handling between ESG federation members.  Only a browser based profile is considered here.  Key to this: 
    5  * ESG IdPs (OpenID Providers) hold IdP specific attributes for their users. 
     4These use cases aim to demonstrate the proposed solution for access control following recent discussions with the ESG development team.  The aim is to demonstrate a proposed push and pull model for user attribute handling between ESG federation members.  Key to this: 
     5 * ESG !IdPs (OpenID Providers) hold IdP specific attributes for their users. 
    66 * On an authentication request, an ESG IdP may push attributes back to the Relying Party (Data Provider site or gateway) that requests them.  These may be used for access control decisions.  However, 
    77 * Individual Attribute Services may be responsible for the allocation of attributes that protect a given set of resources. 
     
    1010 * User attributes then are held at the user's IdP but some may also be held independently at Attribute Services where a user choses to register. 
    1111 
     12Only a browser based profile is considered here. 
     13   
    1214 1. [wiki:T12_Security/ESG/LoginAttributeRequestAndAuthorizationPushAndPullModel#a1LoginandAuthorizationusingpushandpullmodelforuserattributehandling User Registration for new Dataset.  (User attribute assignment)] 
    1315 1. [wiki:T12_Security/ESG/LoginAttributeRequestAndAuthorizationPushAndPullModel#a2UserRegistrationfornewDatasetUserattributeassignment Login and Authorization (using push and pull model for user attribute handling)]