Changes between Version 32 and Version 33 of T12_Security/ESG/LoginAttributeRequestAndAuthorizationPushAndPullModel


Ignore:
Timestamp:
08/09/08 15:52:39 (11 years ago)
Author:
pjkersha
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • T12_Security/ESG/LoginAttributeRequestAndAuthorizationPushAndPullModel

    v32 v33  
    44 
    55Key to this: 
    6  * ESG !IdPs (OpenID Providers) hold IdP specific attributes for their users. 
     6 * ESG !IdPs (OpenID Providers) hold attributes for their users but attributes are also be held independently at Attribute Services. 
    77 * On an authentication request, an ESG IdP may push attributes back to the Relying Party (Data Provider site or gateway) that requests them.  These may be used for access control decisions.  However, 
    88 * Individual Attribute Services may be responsible for the allocation of attributes that protect a given set of resources. 
    99 * Users wishing to access those resources are directed to these Attribute Services in order to register  
    1010 * In order to make an access control decision, an Attribute Service (may in some cases be more than one) may be queried to pull user attributes. 
    11  * User attributes then are held at the user's IdP but some may also be held independently at Attribute Services. 
    1211 
    1312Only a browser based profile is considered here.