...

This document provides a high-level overview of the tentatively named UCTrust Entity Services ("Entity Services"). The role of Entity Services is to manage entity details in the federation. At this time, the "entity details" to manage are entity attributes added to IdPs and SPs in InCommon metadata. By adding entity attributes to InCommon metadata, UCTrust gains securely managed and distributed metadata that reliably identifies UCTrust member entities. The hoped-for first benefit UCTrust obtains through the addition of identifying entity attributes is pre-defined attribute release bundles - that is, bundles of attributes that IdPs are pre-configured to release to identified SPs. (More on entity attributes.)


Entity Services (and Process)

UCTrust has typically been a group of identity managers from the member institutions. While we commiserated on identity management issues, we did not typically provide any centralized services for the membership. However, the processes required to vet and manage entity attributes necessitate the creation of an operational group within UCTrust - the creation of a service. There may be more than one service as time goes on, but this initial service is the management of entity details.

...