Difference between revisions of "Federation"

From MgmtWiki
Jump to: navigation, search
(Solution)
(References)
(8 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
==Full Title or Meme==
 
==Full Title or Meme==
 
Wherever a collection of [[Web Site]]s band together to create a common set of rules that all agree to be bound by.
 
Wherever a collection of [[Web Site]]s band together to create a common set of rules that all agree to be bound by.
 +
==Context==
 +
 +
==Problem==
 +
 
==Solution==
 
==Solution==
In order that a [[Federation]] can be expose both is principles and its membership to the public a [[Federation Service]] must be maintained and [[Trust]]ed by users of the [[Federation]].
+
In order that a [[Federation]] can expose both is principles and its membership to the public a [[Federation Trust Repository]] must be maintained and [[Trust]]ed by users of the [[Federation]].
 +
* [https://openid.net/specs/openid-connect-federation-1_0.html OpenID Connect Federation 1.0 - draft 10] <blockquote>The OpenID Connect standard specifies how a Relying Party (RP) can discover metadata about an OpenID Provider (OP), and then register to obtain RP credentials. The discovery and registration process does not involve any mechanisms of dynamically establishing trust in the exchanged information, but instead rely on out-of-band trust establishment. In an identity federation context, this is not sufficient. The participants of the federation must be able to trust information provided about other participants in the federation. OpenID Connect Federations specifies how trust can be dynamically obtained by resolving trust from a common trusted third party.</blockquote>
  
 
==References==
 
==References==
 +
<references />
 +
* [https://www.nist.gov/publications/nist-cloud-federation-reference-architecture The NIST Cloud Federation Reference Architecture]
 +
 +
[[Category:Glossary]]
 +
[[Category:Trust]]

Revision as of 16:40, 31 May 2020

Full Title or Meme

Wherever a collection of Web Sites band together to create a common set of rules that all agree to be bound by.

Context

Problem

Solution

In order that a Federation can expose both is principles and its membership to the public a Federation Trust Repository must be maintained and Trusted by users of the Federation.

  • OpenID Connect Federation 1.0 - draft 10
    The OpenID Connect standard specifies how a Relying Party (RP) can discover metadata about an OpenID Provider (OP), and then register to obtain RP credentials. The discovery and registration process does not involve any mechanisms of dynamically establishing trust in the exchanged information, but instead rely on out-of-band trust establishment. In an identity federation context, this is not sufficient. The participants of the federation must be able to trust information provided about other participants in the federation. OpenID Connect Federations specifies how trust can be dynamically obtained by resolving trust from a common trusted third party.

References