ITI Access Control White Paper: Difference between revisions
| Line 1: | Line 1: | ||
=== Standards and Specs to be considered === | === Standards and Specs to be considered === | ||
SAML | ====SAML==== | ||
WS Trust | Any information on policies that is to be exchanged is encoded as a SAML 2.0 assertion. The respective profiling must be in line with the conventions defined for XUA. | ||
XSPA | The use of WS Trust RST/RSTR is prefered for the SAML 2.0 protocol. | ||
XACML | |||
====WS Trust==== | |||
Issuing and validation of SAML-encoded security token is performed by WS Trust STS. The experiences made with the eCR implementations based on the SUN and Microsoft WS Trust frameworks should be considered in order to avoid WS Trust features that are not implemented in a compatible manner by these platforms. | |||
====XSPA==== | |||
XSPA is the reference model with respect to the building blocks and the flow of control. | |||
====XACML==== | |||
Anything specified in the white paper must be implementable using XACML encoded policies. | |||
=== Detailed proposal === | === Detailed proposal === | ||
[ftp://ftp.ihe.net/IT_Infrastructure/iheitiyr7-2009-2010/Technical_Cmte/Meetings/2008_Nov_f2f/Detailed_Proposals/XPP-Presentation_revised.ppt Access control white paper detailed proposal] | [ftp://ftp.ihe.net/IT_Infrastructure/iheitiyr7-2009-2010/Technical_Cmte/Meetings/2008_Nov_f2f/Detailed_Proposals/XPP-Presentation_revised.ppt Access control white paper detailed proposal] | ||
Revision as of 03:57, 6 January 2009
Standards and Specs to be considered
SAML
Any information on policies that is to be exchanged is encoded as a SAML 2.0 assertion. The respective profiling must be in line with the conventions defined for XUA. The use of WS Trust RST/RSTR is preferred for the SAML 2.0 protocol.
WS Trust
Issuing and validation of SAML-encoded security tokens are performed by a WS Trust STS. The experience gained with the eCR implementations based on the SUN and Microsoft WS Trust frameworks should be considered in order to avoid WS Trust features that these platforms do not implement in a compatible manner.
XSPA
XSPA is the reference model with respect to the building blocks and the flow of control.
XACML
Anything specified in the white paper must be implementable using XACML encoded policies.