Application Bridging for Federated Access Beyond Web (ABFAB) Architecture
draft-ietf-abfab-arch-00

The information below is for an old version of the document
Document Type Expired Internet-Draft (abfab WG)
Last updated 2011-07-29
Stream IETF
Intended RFC status (None)
Formats
Expired & archived
plain text pdf html bibtex
Reviews
Stream WG state WG Document
Document shepherd None
IESG IESG state Expired
Consensus Boilerplate Unknown
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at
https://www.ietf.org/archive/id/draft-ietf-abfab-arch-00.txt

Abstract

Over the last decade a substantial amount of work has occurred in the space of federated access management. Most of this effort has focused on two use-cases: network and web-based access. However, the solutions to these use-cases that have been proposed and deployed tend to have few common building blocks in common. This memo describes an architecture that makes use of extensions to the commonly used security mechanisms for both federated and non- federated access management, including RADIUS, Diameter, GSS, GS2, EAP and SAML. The architecture addresses the problem of federated access management to primarily non-web-based services, in a manner that will scale to large numbers of identity providers, relying parties, and federations.

Authors

Josh Howlett (josh.howlett@ja.net)
Hannes Tschofenig (Hannes.Tschofenig@gmx.net)
Sam Hartman (hartmans-ietf@mit.edu)
Eliot Lear (lear@cisco.com)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)