1 / 14

Liberty Alliance ID-WSF Framework

Liberty Alliance ID-WSF Framework. Mikko Laukkanen. Introduction. Liberty Alliance Standards for federated identity What is federated identity? A set of attributes on various accounts with different service providers Name, address, phone number, credit card number

alexandria-anagnos
Télécharger la présentation

Liberty Alliance ID-WSF Framework

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Liberty Alliance ID-WSF Framework Mikko Laukkanen

  2. Introduction • Liberty Alliance • Standards for federated identity • What is federated identity? • A set of attributes on various accounts with different service providers • Name, address, phone number, credit card number • Liberty provides standards for delivering identity-based Web services

  3. Terminology • Principal (end-user) is a system entity, whose identity can be authenticated • Identity provider (IdP) authenticates and manages identity information of end-users • Service provider (SP) is typically a website or a web service which provides end-users with services • Circle of Trust (CoT) is a federation of service providers and identity providers • Identity service stores and provides end-user's identity information to other components (mainly SPs) • Discovery service facilitates the registration and the discovery of identity service instances • Web service consumer (WSC) makes requests to a Web services, and is usually a service provider. • Web service provider implements a Web service.

  4. Players on the Field • End users • Simplicity • Personalized services • Idenitity Providers • Large (customer) base of identities • Authentication and identity service hosting • Service Providers • Simplicity, ease of deployment • Large customer base • Hardware/software vendors • Liberty-enabled devices, products, and platforms

  5. Three Phases of Specifications

  6. 12 13 End-user 6 9 8 7 5 4 3 2 1 SP / WSC WSP(Prefs) 10 11 WSP WSP(Geoloc) IDP DS ID-FF ID-WSF Bootstrapping ID-WSF with ID-FF (1) ”Give me service!” (2) ”Who is this guy?” (3) ”Who are you?” (4) ”I’m Mikko!” (5) ”He is Mikko.” (6,7) ”Where are Mikko’s prefs?” (8,9) ”Here are Mikko’s prefs.” (10,11) ”Where is Mikko’s geoloc?” (12,13) ”Here is Mikko’s geoloc?”

  7. ID-WSF Framework

  8. ID-WSF Specifications • SOAP Binding Specification • Discovery Service Specification • Security Mechanisms Specification • Interaction Service Specification • Data Services Template Specification • Personal and Employee Profiles • Supportive ID-WSF Documents

  9. ID-WSF 2.0 • SAML 2.0 • People Service • Advanced DST support • Improved LUAD

  10. Mobile Aspects of ID-WSF • Liberty Reverse HTTP Binding for SOAP Specification (PAOS) • Client Profiles for Liberty-enabled User Agents or Devices (LUAD) • Authentication Service Specification

  11. Use Case of ID-WSF Based Service

  12. Use Case Remarks • Browser-based interactions • Many steps require user interactions • Initial service access, authentication, consent, selection of restaurant, ... • LUAD-based interactions • Many steps can be delegate to software agents: initial service access, authentication, even consent? • Fully implementable using currently available Liberty platforms and devices

  13. Discussion and Future of ID-WSF • Liberty work driven by market needs • ID-WSF technical work done, excl. the finalization of ID-WSF 2.0 • Liberty do not take stance on mobile aspects, other than PAOS and LUAD • Future work includes developing business guidelines and best-practices documents • ... and specification work for strong authentication (ID-SAFE)

  14. Thank you! Questions & Comments?

More Related