Seitenhistorie
...
For Attribute Based Access Control (a model better suited to distributed system systems than RBAC) to work all parties must have a shared understanding of the data elements transmitted, their exact form(at) and their meaning. Therefore standardizing attibutes and their use is an essential component of all Identity Federation and Interfederation efforts.
- Attributes are defined in Attribute Schemas, which range from IETF-standarized COSINE/orgPerson/inetOrgPerson schemas to ones specific to Higher Education, Research and Academia.
...
- Attributes often consitute personal data (or PII, Personally Identifiable Information), so for controlled attribute release the use of Service Categories is recommended.
- There currently is exists no formal eduID.at Attribute Profile, but all IDPs should be able to generate the list of attributes specified in section "Make attributes available" on Preparing an IDP for Interfederation.
- For Service Providers the GEANT community has created a guide detailling What attributes are relevant for a Service Provider
See child pages for more detail on specific attributes.
...
Überblick
Inhalte
Aufgabenbericht