Federation, Presence, Identity, and Privacy in the Cloud
Published in John W. Rittinghouse, James F. Ransome, Cloud Computing, 2017
John W. Rittinghouse, James F. Ransome
Network identity is a set of attributes which describes an individual in the digital space. Identity management is the business processes and technologies of managing the life cycle of an identity and its relationship to business applications and services. Federated identity management (IdM) refers to standards-based approaches for handling authentication, single sign-on (SSO, a property of access control for multiple related but independent software systems), role-based access control, and session management across diverse organizations, security domains, and application platforms. It is a system that allows individuals to use the same user name, password, or other personal identification to sign on to the networks of more than one entity in order to conduct transactions. Federation is enabled through the use of open industry standards and/or openly published specifications, such that multiple parties can achieve interoperability for common use cases. Typical use cases involve things such as cross-domain, web-based single sign-on, cross-domain user account provisioning, cross-domain entitlement management, and cross-domain user attribute exchange.
Digital Library Technology for Hydrology
Published in Praveen Kumar, Jay Alameda, Peter Bajcsy, Mike Folk, Momcilo Markus, Hydroinformatics: Data Integrative Approaches in Computation, Analysis, and Modeling, 2005
The system architecture for an HIS digital library network node is depicted in Figure 3.5. A node in a communications network is a locus where some type of information processing takes place. It may be information production, consumption, or switching. It is important to recognize that, although we talk here mainly about the properties of a single digital library network node, the network we keep referring to would be made up of a set of computers located at hydrologic observatories and laboratories. The fact that they are federated means that they operate with a common governance structure and set of standards, conventions, and procedures. The main infrastructure components are the Storage Resource Broker (SRB) middleware and a metadata catalog running on a server node using the Linux operating system. The harvesting process listed in the center is a set of programs written in various languages including Perl and shell scripting languages (e.g., Bash) to extract data and metadata from sources and generate the (Boutilier 1999) pairs (see Figure 3.7). At the time of this writing, these programs are still undergoing development, so a detailed enumeration and description of them would be quickly outdated. The interested reader can refer to http://cuahsi.sdsc.edu for the latest version of these codes. However, there is a code called adoCreator.pl used to produce the pairs (Boutilier 1999) and a separate set of codes to install and configure the digital library server node corresponding to the CollectionBuilder tool listed in Figure 3.5. Once created, the ADOs are loaded into the SRB and the metadata contained in the *.mif files is loaded into the metadata catalog using a loading code.
Software and Technology Standards as Tools
Published in Jim Goodell, Janet Kolodner, Learning Engineering Toolkit, 2023
Jim Goodell, Andrew J. Hampton, Richard Tong, Sae Schatz
Federated and distributed identity methods store a person’s (or organization’s) electronic identity across multiple distinct identity management systems. A special type of federated identifier, the decentralized identifier (DID), has been designed so that it may be decoupled from centralized registries, identity providers, and certificate authorities. In other words, DIDs enable each person (or other entity) to have a single, verifiable, machine-readable User ID across systems.18
Policy reconciliation for access control in dynamic cross-enterprise collaborations
Published in Enterprise Information Systems, 2018
D. Preuveneers, W. Joosen, E. Ilie-Zudor
For enterprise collaborations across these trust boundaries, the security administrator can add the IdP of a collaborating business partner to the circle of trust of its own IAM system, enabling federated single sign-on (SSO) to facilitate cross-enterprise authentication through delegation. However, cross-enterprise authorization remains a non-trivial challenge, as different enterprises may grant limited access to each other’s business applications and data (see Figure 1) but use different attributes and impose other security rules regarding the subject requesting access, the actual resource to be accessed, and the nature of the temporary business partnership. By not having a centralized authority in place that standardizes all identity and attribute definitions, Enterprise 1 may rely on possibly missing or inconsistent attributes of the IdP of Enterprise 2 to evaluate and enforce its own access control policies.
Current status and future directions of geoportals
Published in International Journal of Digital Earth, 2020
Hao Jiang, John van Genderen, Paolo Mazzetti, Hyeongmo Koo, Min Chen
The federated approach requires participants to agree on common specifications in terms of metadata, data models, and service interfaces (Fa et al. 2016), typically based on international de-jure or de-facto standards. The federated approach is usually adopted in systems based on services, i.e. a Service Oriented Architecture (SOA). The federated approach is able to perform meaningfully in controlled environments, where a strong legal framework ensures that stakeholders implement the agreed and approved standards and protocols (e.g. the NSDI of the U.S. and INSPIRE of the E.U.) (Mazzetti and Nativi 2012).