|User's trusted identity agent and r-card [message #562679]
||Mon, 31 March 2008 12:01
Originally posted by: olivier.maas.atosorigin.com|
I am evaluating the benefit of using Higgins for my project around user
centric identity and this leads me to a few questions about what Higgins'
next steps will be.
In particular, I am trying to understand what is going to be possible with
the concept of r-cards and identity agent.
Let me take an example of what I imagine could be done. Tell me if I am
Let's say I have two identities :
- one identity issued by my bank as a Cardspace managed card
- one identity issued by the government based on a Liberty Alliance
I can import these two identities in my identity agent.
Now within my identity agent, I can create a new card (r-card?) which
combines attributes from both identity provider (bank and government). I
can use this card for web sites that are compatible with Cardspace or
Liberty Alliance (through the IdAS layer)
Am I right?
If yes, what is the Higgins component that will implement the user's
identity agent? Who will provide this service in the real life?
What is the security model around the exchange of the attributes between
the different parties (IdP, Identity agent, SP) ?
Since attributes from one r-card are coming from multiple identity
provider that may require user authentication, how is the authentication
done from the user point of view?
Who issues and signs the token and the attributes?(the identity agent?).
Thanks for your help.
Powered by FUDForum
. Page generated in 0.01356 seconds