Federated Identity Management

Looking into techniques to allow us to decentralize user management in cross-institutional (and non-institutional) software, such as APOLLO.

Here are some links I've come across on the topic:

Many of these articles look like corporate shovelware "Read about how smart we are - give us money" but maybe there's some good stuff in there, too.

This is stuff waaaay outside my normal realm of things, so I'll be doing some reading/thinking about this stuff, and how it might affect CAREO/APOLLO.

The goal is to be able to do something like this scenario:

Bill is a professor at the University of Calgary. He securely logs into an APOLLO search application using his U of C login, and APOLLO is aware of the groups and roles that Bill has as part of his U of C identity.

Mary is a grad student at the University of British Columbia. She logs into an APOLLO collaborative application using her UBC login, and is able to access resources defined by her groups and roles described by her UBC identity.

Bill and Mary are working together on a project, and Bill creates an ad-hoc group in APOLLO for them to share resources privately while collaborating on their development. Once ready for publication, these resources are made available to individuals at both the U of C and UBC.

See Also

comments powered by Disqus
Last updated: September 16, 2023