SPAN Design: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| Line 1: | Line 1: | ||
[[Category:SPAN]] |
[[Category:SPAN]] |
||
foo |
|||
== Protocol Design == |
|||
=== Phase 1: Service Discovery === |
|||
(Bluetooth built-in? IP-based: Bonjour?) |
|||
=== Phase 2: Authentification and Authorization === |
|||
All (?) communication can be done using (signed) SAML assertions and protocols |
|||
* Client (mobile phone) authenticates to service device (beamer) |
|||
* Client asks service device for usage access |
|||
* Service device asks client for authorization |
|||
* Client gets authorization from Access Control Manager |
|||
* Client hands authorization over to service device |
|||
* Service device grants access |
|||
Used SAML assertions and protocols: |
|||
* SAML Authentication query |
|||
* SAML Authentication statement |
|||
* SAML Authorization decision query |
|||
* SAML Authorization decision statement |
|||
=== Phase 3: Using the Service === |
|||
... |
|||
Revision as of 14:41, 2 November 2005
Protocol Design
Phase 1: Service Discovery
(Bluetooth built-in? IP-based: Bonjour?)
Phase 2: Authentification and Authorization
All (?) communication can be done using (signed) SAML assertions and protocols
- Client (mobile phone) authenticates to service device (beamer)
- Client asks service device for usage access
- Service device asks client for authorization
- Client gets authorization from Access Control Manager
- Client hands authorization over to service device
- Service device grants access
Used SAML assertions and protocols:
- SAML Authentication query
- SAML Authentication statement
- SAML Authorization decision query
- SAML Authorization decision statement
Phase 3: Using the Service
...