1 / 16

Comprehensive Authorization Use Cases for Web SSO, File Access, VPN, and Financial Services

This document outlines various authorization use cases highlighting Web Single Sign-On (SSO) via Web Access Management (WAM) and SAML, file access managed by operating systems, remote network access to Virtual Private Networks (VPN), and database access using local accounts and web applications. It provides detailed scenarios for each use case, including target resources, principal actors, user environments, and authorization processes involving Policy Decision Points (PDP), Policy Administration Points (PAP), and Policy Information Points (PIP). This resource serves as a guide for understanding identity and authorization services.

gilles
Télécharger la présentation

Comprehensive Authorization Use Cases for Web SSO, File Access, VPN, and Financial Services

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Authorization Use Cases Identity and Authorization Services Working Group (IAS-WG) April, 2010

  2. AuthZ Use Case - Web SSO via Web Access Management (WAM) System Target Resource Principal PEP WAM plug-in User/device HTML or web app Environment Time/Location PDP WAM Server PAP PIP WAM console LDAP

  3. Use case details – Web SSO via Web Access Management (WAM) System

  4. AuthZ Use Case - Web SSO via SAML Target Resource Principal PEP SAML-enabled Web app User/device HTML or web app Environment Time/Location PDP SAML server PAP PIP LDAP & SAML consoles LDAP

  5. Use case details – Web SSO via SAML

  6. AuthZ Use Case – File access mediated by operating system (OS) Target Resource Principal PEP OS User/device File Environment Time/Location PDP OS PAP PIP OS utilities OS

  7. Use case details – File access mediated by operating system (OS)

  8. AuthZ Use Case – remote network access to virtual private network (VPN) Target Resource Principal PEP VPN User/device Network Environment Time/Location PDP RADIUS PAP PIP RADIUS utilities RADIUS DB

  9. Use case details – remote network access to virtual private network (VPN)

  10. AuthZ Use Case – Database access using local DB accounts Target Resource Principal PEP DB User/device Rows, columns, or tables Environment Time/Location PDP DB PIP PAP DB security tables DB utilities

  11. Use case details – Database access using local DB accounts

  12. AuthZ Use Case – Database access via web application Target Resource Principal PEP Web app/ Service account DB Rows, columns, or tables Environment Time/Location PDP DB PIP PAP DB security tables DB utilities

  13. Use case details – Database access using Database access via web application

  14. AuthZ Use Case: Multi-channel access to financial service Typical self-serve channels include online, ABM, IVR, Mobile Target Resource Principal PEP Involved party/channel Channel Credential Collector Financial web Application or service Environment Channel type, Location PDP AuthZ Web Service PIP PAP LDAP Policy Store Admin point

  15. Use case details: Multi-channel access to financial service

  16. Use case details: Multi-channel access to financial service (2)

More Related