terena networking conference 2010


geant Invitation based authorization in federated systems

Federations are growing faster and bigger in the Internet and, more specifically, in the academic networks. Once solved the main problem of interconnecting services with identity providers and making them talk a common language to exchange identity information, current research is focused on the high level features that should be provided by federated architectures, that is, attribute aggregation and authorization. This paper examines a solution to provide services with an external, distributed way of authorizing their users, easier to deploy than current approaches, making it compatible with group management tools, and finally simpler to use for both users and administrators.