Scalability Point to Point Federation (2B)
From IIW
Session Topic: Scalability of Point to Point Federation (TU2B)
Convener: Daniel Headrick, Nathan Sowatskey, Dave Jones
Notes-taker(s): Daniel Headrick
Tags for the session - technology discussed/ideas considered:
Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:
GE and Cisco hosted a conversation from the enterprise perspective on the current state of federation
Discussion about problems w/ P2P federation
- Attribute sets are not standard
- Large number of connections (>100) and growing rapidly
- How to do routable identity
- How to do transitive identity (secondary SPs behind primary SPs)
- Reusable legal contracts
- Standard terms and conditions
- Standard dispute resolution
- Provisioning and the identity lifecycle
- Not even a standard model/architecture for how different SPs handle this
- XACML is not practical
What has Ping experienced?
- Ping reports that other large enterprises have echoed these concerns
Feedback from the attendees
- InCommon finds central metadata takes the pain out of connection details
- HP is rebuilding SABRE: for identity, individuals don't matter at SPs; they are just given a token from their IDP with their role (Alan Karp has a paper)
- Trust frameworks are an IIW topic that has discussed this a lot
  - Defines policy and often technology profiles
  - Examples
    - BioPharma
    - Covisint
    - FICAM
    - Payment Card Industry
    - CCITT Top Domains