Looking into techniques to allow us to decentralize user management in cross-institutional (and non-institutional) software, such as APOLLO.
Here are some links I've come across on the topic:
- Towards Federated Identity Management - Andre Durand
- Federated identity, PingID and standards cartels - Dan Farber
- Federated Identity Face-Off - Interview by Stuart J. Johnston and Dan Ruby
- SourceID Wiki - open source identity management
- Topology of Federation - Ping Identity Corporation
- What's Federated Identity Management? - eWeek Magazine
- Novell Explains Federated Identity - NetworkWorldFusion Magazine
- Primer: Federated Identity Management - Baseline Magazine
- Liberty Alliance
Many of these articles look like corporate shovelware "Read about how smart we are - give us money" but maybe there's some good stuff in there, too.
This is stuff waaaay outside my normal realm of things, so I'll be doing some reading/thinking about this stuff, and how it might affect CAREO/APOLLO.
The goal is to be able to do something like this scenario:
Mary is a grad student at the University of British Columbia. She logs into an APOLLO collaborative application using her UBC login, and is able to access resources defined by her groups and roles described by her UBC identity.
Bill and Mary are working together on a project, and Bill creates an ad-hoc group in APOLLO for them to share resources privately while collaborating on their development. Once ready for publication, these resources are made available to individuals at both the U of C and UBC.