WIF (aka Geneva) Glossary

Federated claims-based security as implemented in Microsoft Windows Identity Foundation brings a set of terms that are important to understand. Because I did not find a glossary “out there” I put together a list of terms annotated with a definition (copied from other sources like K. Brown or written myself).

[Sorry: partly in German]

Term	Description
Claim	a bit of identity information such as name, email address, age, membership in the Sales role, and so on
Token	A security token is a serialized set of claims that is digitally signed by the issuing authority
STS	builds, signs, and issues security tokens according to the interoperable protocols
RP	an application that relies on claims
R-STS	the .NET Access Control Service features a Resource-STS: that R-STS can be configured for accepting tokens from specific IP-STSs, and perform various claim transformation including emitting authorization claims
IP-STS	Identity provider STS, like Live ID/passport, ADFS, Sun Metro, CA SiteMinder, IBM, Oracle
Issuer	Issuing authority like Domain Controller, Certificate Authority, Ausweisbüro der Gemeinde/Kanton
Rule	Claims transformation rule (input -> output)
Federate	“verbünden”, trust, establish base for SSO
Claims transformation	Values of input claims are transferred to output claim values (copied, constants, from claim type to other claim type). Mapping.
Scope	Container for rules and token settings (like token renewal, etc.).
Claim type	A URN string describing the meaning of a claim. There are standard claim types; you can add your own.
Action claim	Claim representing an ACS right (e.g. servicebus send/listen/etc.)
ClaimsAuthorizationManager	Modul/Handler used by an RP to implement special authorization. Also possible to do other claims transformation/mapping.
ACS	Azure .NET Services component for Identity und Access Control
Service Bus	Transparent, routed WCF web service through the cloud, providing quality of services.