Provider Federation
The concept of federation, as defined by the Liberty Alliance Project, begins with a ”circle of trust.” A circle of trust is a group of service providers who contractually agree to exchange authentication information using a Liberty-enabled architecture. Each circle of trust must also include at least one identity provider, a service provider that maintains and manages identity data, and provides authentication services.
Note –
The establishment of contractual agreements between providers is beyond the scope of this guide. See Concept of Trust for an overview.
After the contracts and policies defining a circle of trust are in place, the specific protocols, profiles, endpoints, and security mechanisms being used in the deployment are collected into a metadata document that is exchanged amongst the members of the circle of trust. Access Manager provides the tools necessary to integrate the metadata and enable the circle of trust, technologically, as an authentication domain. Authentication within this virtual federation is honored by all membered providers of the authentication domain. For more information, see Authentication Domain.
- © 2010, Oracle Corporation and/or its affiliates