Attributes are data elements about individuals or institutions, with standardized syntax and semantics. They describe information essential for applications and services, e.g. your name and your relation to the institution issuing those attributes. Often attributes will be used for distributed access control, where the evaluation of attributes (authorization, happening at the Service Provider) is decoupled from the issuer of the data (the Identity Provider, authenticating the subject).
For Attribute Based Access Control (a model better suited to distributed systems than RBAC) to work, all parties must have a shared understanding of the data elements transmitted, their form and meaning. Therefore, standardizing attributes and their use is an essential component of all Identity Federation and Interfederation efforts.
Attributes are defined in Attribute Schemas, which range from IETF-standardized COSINE/orgPerson/inetOrgPerson schemas to ones specific to Higher Education, Research and Academia.
- https://wiki.shibboleth.net/confluence/display/SHIB2/NameIDAttributes
- Attributes as Personal Data
- eduID.at Attribute Profile
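
The decoupling described above, as an added example that is not part of the original page: a Service Provider evaluates attributes issued by an Identity Provider and can only act on those whose names both sides define in a shared schema. The policy, the `example.org` values and the function names are assumptions made for illustration; the OIDs are the COSINE `mail` attribute and two attributes from eduPerson, one of the Higher Education schemas.

```python
# Shared schema: SAML attribute Name (urn:oid form) -> agreed attribute name.
SCHEMA = {
    "urn:oid:0.9.2342.19200300.100.1.3": "mail",                       # COSINE
    "urn:oid:1.3.6.1.4.1.5923.1.1.1.9": "eduPersonScopedAffiliation",  # eduPerson
    "urn:oid:1.3.6.1.4.1.5923.1.1.1.7": "eduPersonEntitlement",        # eduPerson
}

# Constructed SP policy: each listed attribute must carry at least one accepted value.
POLICY = {
    "eduPersonScopedAffiliation": {"staff@example.org", "faculty@example.org"},
}

def normalize(received):
    """Split received attributes into schema-defined ones and unrecognized names."""
    known, unknown = {}, []
    for name, values in received.items():
        if name in SCHEMA:
            known.setdefault(SCHEMA[name], set()).update(values)
        else:
            unknown.append(name)  # no shared meaning, so never used for decisions
    return known, unknown

def authorize(received, policy=POLICY):
    """Authorization at the SP: fail closed on an empty policy or missing attributes."""
    attrs, _ = normalize(received)
    return bool(policy) and all(
        attrs.get(name, set()) & accepted for name, accepted in policy.items()
    )

# Constructed sample inputs, as they might arrive from three different IdPs.
STANDARD = {
    "urn:oid:1.3.6.1.4.1.5923.1.1.1.9": ["staff@example.org", "member@example.org"],
    "urn:oid:0.9.2342.19200300.100.1.3": ["alice@example.org"],
}
LOCAL_NAMES = {"affiliation": ["staff@example.org"]}  # same data, IdP-local name
STUDENT = {"urn:oid:1.3.6.1.4.1.5923.1.1.1.9": ["student@example.org"]}

if __name__ == "__main__":
    for label, sample in [("standard", STANDARD), ("local", LOCAL_NAMES), ("student", STUDENT)]:
        print(label, authorize(sample), normalize(sample)[1])
```

The `LOCAL_NAMES` case carries the same value as the accepted one but is denied, because the SP has no agreed meaning for the name `affiliation`.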