|
|
| (47 intermediate revisions by 2 users not shown) |
| Line 1: |
Line 1: |
| − | {{#eclipseproject:technology.higgins|eclipse_custom_style.css}}
| |
| − | [[Image:Higgins_logo_76Wx100H.jpg|right]]
| |
| | | | |
| − | The [[Attribute Service 1.1]] (formerly referred to as Identity Data Service) provides a web services binding over the [[IdAS 1.1 Package]]. The first protocol we plan to support is [[XDI]]
| |
| − |
| |
| − | == Architecture ==
| |
| − |
| |
| − | [[Image:Attribute-service-1.1.100.png|center]] ''([[Diagram Key]])''
| |
| − |
| |
| − | Components and Packages:
| |
| − | * [[Components_1.1#Attribute_Service]]
| |
| − | * [[IdAS 1.1 Package]]
| |
| − |
| |
| − | == Authentication ==
| |
| − |
| |
| − | Authentication issues include:
| |
| − |
| |
| − | # How does the RP discover what type of authentication materials are required? How are these types described (e.g. as a URI)?
| |
| − | # What types of authentication materials should be supported?
| |
| − | # How should the authentication credentials be serialized in the data sharing protocol?
| |
| − |
| |
| − | === RP Authentication Scheme Discovery ===
| |
| − |
| |
| − | How the RP discovers the kind of authentication materials required depends on the ''type'' of value of the resource-udr claim. There are two possibilities. If the value is an [[Entity UDI]] then the type of authentication materials is described as a URI in the XRD of the target [[Context]] that is found during URI resolution. If, on the other hand, the value is an XRD, then the URI describing the type of authentication material required will be included in this XRD. These URIs are described in the the ''Authentication Material Types'' section of [[Authentication Materials]].
| |
| − |
| |
| − | === Authentication Credential Serialization ===
| |
| − | This issue lives at two levels:
| |
| − |
| |
| − | ==== IdAS Layer ====
| |
| − | How will authentication credentials be serialized at the IdAS layer?
| |
| − |
| |
| − | ''2009-02-26 – TODO - Markus to post a proposal.''
| |
| − |
| |
| − | ==== Data Sharing Protocol Layer ====
| |
| − | How authentication data is serialized is protocol dependent. This serialization must be covered by the data sharing protocol specifications and if necessary the schema/dictionary specifications used by that protocol for the specific authentication schemes.
| |
| − |
| |
| − | To use XDI as an example, the overall serialization formats for XDI are being defined in the XDI Serialization specification. Then the encoding of the specific XDI data types involved with a particular authentication scheme is specified in the XDI dictionary defining those data types. (XDI dictionaries semantics is being defined in the XDI Dictionary specification.)
| |
| − |
| |
| − | == See Also ==
| |
| − | * [[IdAS Proxy Service]]
| |
| − |
| |
| − | [[Category: Higgins Solutions]]
| |
