Application Bridging for Federated Access Beyond Web (ABFAB) Use Cases
RFC 7832
|
Document |
Type |
|
RFC - Informational
(May 2016; No errata)
|
|
Author |
|
Rhys Smith
|
|
Last updated |
|
2016-05-11
|
|
Stream |
|
IETF
|
|
Formats |
|
plain text
html
pdf
htmlized
bibtex
|
|
Reviews |
|
|
Stream |
WG state
|
|
Submitted to IESG for Publication
|
|
Document shepherd |
|
Klaas Wierenga
|
|
Shepherd write-up |
|
Show
(last changed 2012-07-17)
|
IESG |
IESG state |
|
RFC 7832 (Informational)
|
|
Consensus Boilerplate |
|
Yes
|
|
Telechat date |
|
|
|
Responsible AD |
|
Stephen Farrell
|
|
IESG note |
|
Klaas Wierenga (klaas@cisco.com) is the document shepherd.
|
|
Send notices to |
|
(None)
|
Internet Engineering Task Force (IETF) R. Smith, Ed.
Request for Comments: 7832 Jisc
Category: Informational May 2016
ISSN: 2070-1721
Application Bridging for Federated Access Beyond Web (ABFAB) Use Cases
Abstract
Federated identity is typically associated with web-based services at
present, but there is growing interest in its application in non-web-
based contexts. The goal of this memo is to document a selection of
the wide variety of these contexts whose user experience could be
improved through the use of technologies based on the Application
Bridging for Federated Access Beyond web (ABFAB) architecture and
specifications.
Status of This Memo
This document is not an Internet Standards Track specification; it is
published for informational purposes.
This document is a product of the Internet Engineering Task Force
(IETF). It represents the consensus of the IETF community. It has
received public review and has been approved for publication by the
Internet Engineering Steering Group (IESG). Not all documents
approved by the IESG are a candidate for any level of Internet
Standard; see Section 2 of RFC 5741.
Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
http://www.rfc-editor.org/info/rfc7832.
Copyright Notice
Copyright (c) 2016 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Smith Informational [Page 1]
RFC 7832 ABFAB Use Cases May 2016
Table of Contents
1. Introduction ....................................................2
2. Context of Use Cases ............................................3
3. Use Cases .......................................................3
3.1. Cloud Services .............................................3
3.1.1. Cloud-Based Application Services ....................4
3.1.2. Cloud-Based Infrastructure Services .................5
3.2. High-Performance Computing .................................6
3.3. Grid Infrastructure ........................................6
3.4. Databases and Directories ..................................7
3.5. Media Streaming ............................................8
3.6. Printing ...................................................9
3.7. Accessing Applications from Devices on a Telecoms
Infrastructure .............................................9
3.8. Enhanced Security Services for S/MIME .....................10
3.9. Smart Objects .............................................11
4. Security Considerations ........................................11
5. References .....................................................12
5.1. Normative References ......................................12
5.2. Informative References ....................................12
Acknowledgments ...................................................13
Contributors ......................................................13
Author's Address ..................................................13
1. Introduction
Federated identity facilitates the controlled sharing of information
about people (a.k.a. "principals"), commonly across organizational
boundaries. This avoids redundant registration of principals who
operate in and across multiple domains, both reducing the
administrative overhead for the organizations involved and improving
the usability of systems for the principal. Simultaneously, it can
also help address privacy-related concerns, along with the regulatory
and statutory requirements of some jurisdictions.
The information that is passed between organizations may include
authentication state and identity information that can be used for
many purposes, including making access management decisions. A
number of mechanisms support the transmission of this information for
web-based scenarios in particular (e.g., the Security Assertion
Markup Language (SAML) [OASIS.saml-profiles-2.0-os]), but there is
significant interest in the more general application of federated
identity to include non-web use cases. This document enumerates some
Show full document text