Sun Java System Access Manager 7 2005Q4 Federation and SAML Administration Guide

Provider Federation

The concept of federation as defined by the Liberty Alliance Project begins with a “circle of trust.” A circle of trust is a group of service providers who contractually agree to exchange authentication information using a Liberty-enabled architecture. Each circle must also include at least one identity provider. An identity provider is a service provider that maintains and manages identity data, and provides authentication services.


Note –

The establishment of contractual agreements between providers is beyond the scope of this guide. For information, see the Liberty Trust Model Guidelines.


After the contracts and policies defining a circle of trust are in place, the specific protocols, profiles and security mechanisms being used in the deployment are distilled into a metadata document that is exchanged between the members of the circle of trust. Access Manager provides the tools necessary to integrate the metadata and to implement the circle of trust as an authentication domain. Authentication within this virtual federation is honored by all member providers of the authentication domain. For more information, see Authentication Domain.