Attempting to figure out to model deeper authorizations that aren't based solely on the identity and require additional information. In your first example, it didn't take into consideration what the individual can do, only that they had different identities which needed to be correlated.
-----Original Message----- From: Dick Hardt [mailto:[EMAIL PROTECTED] Sent: Thursday, January 25, 2007 4:43 PM To: McGovern, James F (HTSC, IT) Cc: [email protected] Subject: Re: Federated Authorization On 25-Jan-07, at 1:36 PM, McGovern, James F ((HTSC, IT)) wrote: Modify your scenario as follows: - Tthe College of Physicians and Surgeons says she is a surgeon and is board certified for X number of procedures - A particular hospital says she is part of their team. Likewise, they also know that she plays different roles at other hospitals. Minimally we want to know when her admission priveleges expire - The university says she is part of their faculty and teachs in both the business school and engineering school. - the government says she is the business owner of her surgical practice and also serves in a board capacity on other boards Hopefully we can develop specifications which go deeper than just matching/correlation of identity and attribute. Hi James I don't follow your last comment. Would you elaborate? -- Dick ************************************************************************* This communication, including attachments, is for the exclusive use of addressee and may contain proprietary, confidential and/or privileged information. If you are not the intended recipient, any use, copying, disclosure, dissemination or distribution is strictly prohibited. If you are not the intended recipient, please notify the sender immediately by return e-mail, delete this communication and destroy all copies. *************************************************************************
_______________________________________________ specs mailing list [email protected] http://openid.net/mailman/listinfo/specs
