Dear all,
We just submitted an I-D to IETF regarding the security of federated identitiy
managment in ABFAB few days ago. Please kindly review and feel free to give us
any comments. Thank you in advance.
Key points & Requirements Analysis
This I-D describes two use cases in ABFAB. The main idea is to differentiate
the level of assurance for authentication and to classify the authenticity of
attributes in order to improve the security and usability of federation
identity management on ABFAB architecture.
The former is usually used for meeting the requirements of multiple terminals
accessing network and complexity of network environment. To differentiate
authentication level can make a trade-off between usability and security. The
latter is typically used to assist service providers to make authorization
decisions, that is service providers can grant specific protected resources to
requestors according the trustworthiness of their identity attributes without
compromising the security of resources.
Although ABFAB architecture can support multiple authentication mechanisms and
attributes transmission, it does not give a fine-grained classification which
can satisfy requirements in real world better.
Best wishes, Juan
Wei Juan
Begin forwarded message:
From: internet-drafts
Date: 2013-09-22 17:30
To: [email protected]; Jianyong Chen; Wei Juan; Jun Zhang
Subject: New Version Notification for draft-wei-abfab-usecases-00.txt
A new version of I-D, draft-wei-abfab-usecases-00.txt
has been successfully submitted by Wei Juan and posted to the
IETF repository.
Filename: draft-wei-abfab-usecases
Revision: 00
Title: Application Bridging for Federated Access Beyond Web
Creation date: 2013-09-22
Group: Individual Submission
Number of pages: 7
URL:
http://www.ietf.org/internet-drafts/draft-wei-abfab-usecases-00.txt
Status: http://datatracker.ietf.org/doc/draft-wei-abfab-usecases
Htmlized: http://tools.ietf.org/html/draft-wei-abfab-usecases-00
Abstract:
Identity Management System plays an important role in Cloud
Computing. A good Identity Management System should meet the diverse
security requirements from both service providers and users, improve
usability for users and protect the resources from unauthorized
access. The goal of the document is to document the improvement of
Identity Management System to provide users a friendly experience
through the use of technologies based on the ABFAB architecture and
specifications.
Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.
The IETF Secretariat_______________________________________________
abfab mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/abfab
