Scalability Point to Point Federation (2B)

From IIW

Session Topic: Scalability of Point to Point Federation (TU2B)

Convener: Daniel Headrick, Nathan Sowatskey, Dave Jones


Notes-taker(s): Daniel Headrick

Tags for the session - technology discussed/ideas considered:


Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:


GE and Cisco hosted a conversation from the enterprise perspective on the current state of federation

Discussion about problems with P2P federation

  • Attribute sets are not standard
  • Large number of connections (>100) and growing rapidly
  • How to do routable identity
  • How to do transitive identity (secondary SPs behind primary SPs)
  • Reusable legal contracts
    • Standard terms and conditions
    • Standard dispute resolution
  • Provisioning and the identity lifecycle
    • Not even a standard model/architecture for how different SPs handle this
    • XACML is not practical

What has Ping experienced?

  • Ping reports that other large enterprises have echoed these concerns

Feedback from the attendees

  • InCommon finds central metadata takes the pain out of connection details
  • HP is rebuilding SABRE: for identity, individuals don’t matter at SPs; they are just given a token from their IDP with their role (Alan Karp has a paper)
  • Trust frameworks are an IIW topic that has discussed this a lot
    • Defines policy and often technology profiles
    • Examples
      • BioPharma
      • Covisint
      • FICAM
      • Payment Card Industry
      • CCITT Top Domains