Role as Identity and Organizational Trust

From IIW
Revision as of 12:59, 7 February 2011 by WikiSysop (talk | contribs) (Undo revision 3249 by Igiwydijok (Talk))

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Conference IIW8 Room/Time: 3/D

Convener: Justin Richer

Notes-taker: Justin Richer


Technology Discussed/Considered: SAML, XACML, Liberty, OpenID

Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:

There are many instances where a user or system will care less about the individual identity of someone they are interacting with than the role that that individual is inhabiting. Take, for example, a call to a helpdesk. The caller, in general, doesn't care exactly who is on the other end of the line, only that they are taking the role of helpdesk technician. Even though this role is filled by an individual, it may be filled by different individuals at different times, each of them needing the same privileges afforded by their role.

The questions that come from this, then, center around how a user inhabits this role and how this user is presented within the context of the system. Who decides that a user can take on a given role, and when? How does a user take on a role for a given context? There was a general consensus that the role is an attribute assigned to an individual's identity, but there was disagreement as to how that identity obtains that attribute. As for display, do we suppress the individuality of the user's identity in favor of the role? Do we strip it off altogether?

Within a circle of trust setup, such as inside of SAML or XACML affiliation, this problem is largely a matter of asserting the right attributes to the right accounts and testing for access against those attributes. Here the roles can be trusted because the system can be trusted to assert a given attribute for a user.

There was a notion of Digital Visitor's passes: when someone visits a facility and is given a temporary visitor's badge, they are granted certain access to the facility via this badge. They effectively inhabit the role of "visitor", which will only be valid for a certain time frame.

This problem remains unsolved (and seemingly unaddressed) in the fully distributed world of technologies like OpenID.