SPAN Design: Difference between revisions

Revision as of 14:42, 2 November 2005


Protocol Design

Phase 1: Service Discovery

(Bluetooth built-in? IP-based: Bonjour?)

Phase 2: Authentication and Authorization

All (?) communication can be done using (signed) SAML assertions and protocols

  • Client (mobile phone) authenticates to service device (beamer)
  • Client asks service device for usage access
  • Service device asks client for authorization
  • Client asks Access Control Manager for authorization to access service device
  • Client gets authorization from Access Control Manager
  • Client hands authorization over to service device
  • Service device grants access

SAML assertions and protocols used:

  • SAML Authentication query
  • SAML Authentication statement
  • SAML Authorization decision query
  • SAML Authorization decision statement
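
The Phase 2 exchange above, sketched as an added example (not part of the original design page): the Access Control Manager issues a signed authorization decision statement and the service device checks it before granting access. All names, the policy and the key are hypothetical, and an HMAC over JSON stands in for the XML signature a real SAML assertion would carry.

```python
import hashlib
import hmac
import json
import time

# Assumption: ACM and service device share this key. Real SAML assertions
# carry an XML Signature made with the ACM's private key instead.
ACM_KEY = b"constructed-demo-key"

def _mac(body: dict) -> str:
    canon = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(ACM_KEY, canon, hashlib.sha256).hexdigest()

def acm_decide(query: dict, policy: set, now: float, ttl: int = 60) -> dict:
    """Access Control Manager: answer an authorization decision query."""
    allowed = (query["subject"], query["resource"], query["action"]) in policy
    body = {"issuer": "acm", "subject": query["subject"],
            "resource": query["resource"], "action": query["action"],
            "decision": "Permit" if allowed else "Deny",
            "not_before": now, "not_on_or_after": now + ttl}
    return {"body": body, "sig": _mac(body)}

def device_grant(stmt: dict, authenticated_subject: str, resource: str,
                 action: str, now: float) -> bool:
    """Service device: accept only a valid Permit for this exact request."""
    body = stmt.get("body", {})
    if not hmac.compare_digest(_mac(body), stmt.get("sig", "")):
        return False  # not issued by the ACM, or modified in transit
    if not body["not_before"] <= now < body["not_on_or_after"]:
        return False  # expired or not yet valid
    return (body["decision"] == "Permit"
            and body["subject"] == authenticated_subject  # bound to step 1
            and body["resource"] == resource
            and body["action"] == action)

def run_exchange(subject: str, now: float) -> bool:
    """Steps 2-7 of Phase 2 for a client already authenticated as `subject`."""
    policy = {("phone-alice", "beamer-1", "use")}  # constructed sample policy
    query = {"subject": subject, "resource": "beamer-1", "action": "use"}
    stmt = acm_decide(query, policy, now)  # client <-> ACM
    return device_grant(stmt, subject, "beamer-1", "use", now)  # client -> device

if __name__ == "__main__":
    print(run_exchange("phone-alice", time.time()))    # permitted subject
    print(run_exchange("phone-mallory", time.time()))  # not in policy
```

Because the client carries the statement from the ACM to the device, the device has to treat it as untrusted input: the signature, validity window, subject and resource checks are what stop a client from editing, replaying or borrowing a decision.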

Phase 3: Using the Service

...