Sep 14, 2009

WIF (aka Geneva) Glossary

Federated claims-based security as implemented in Microsoft Windows Identity Foundation brings a set of terms that are important to understand. Because I did not find a glossary “out there” I put together a list of terms annotated with a definition (copied from other sources like K. Brown or written myself).

[Sorry: partly in German]

Term

Description

Claim

a bit of identity information such as name, email address, age, membership in the Sales role, and so on

Token

A security token is a serialized set of claims that is digitally signed by the issuing authority

STS

builds, signs, and issues security tokens according to the interoperable protocols

RP

an application that relies on claims

R-STS

the .NET Access Control Service features a Resource-STS: that R-STS can be configured for accepting tokens from specific IP-STSs, and perform various claim transformation including emitting authorization claims

IP-STS

Identity provider STS, like Live ID/passport, ADFS, Sun Metro, CA SiteMinder, IBM, Oracle

Issuer

Issuing authority like Domain Controller, Certificate Authority, Ausweisb├╝ro der Gemeinde/Kanton

Rule

Claims transformation rule (input -> output)

Federate

“verb├╝nden”, trust, establish base for SSO

Claims transformation

Values of input claims are transferred to output claim values (copied, constants, from claim type to other claim type). Mapping.

Scope

Container for rules and token settings (like token renewal, etc.).

Claim type

A URN string describing the meaning of a claim. There are standard claim types; you can add your own.

Action claim

Claim representing an ACS right (e.g. servicebus send/listen/etc.)

ClaimsAuthorizationManager

Modul/Handler used by an RP to implement special authorization. Also possible to do other claims transformation/mapping.

ACS

Azure .NET Services component for Identity und Access Control

Service Bus

Transparent, routed WCF web service through the cloud, providing quality of services.

   

No comments:

Post a Comment