Saturday, March 22, 2008

Liberty Alliance Web Services Framework: A Technical Overview

This overview document enumerates the major features of Liberty Web
Services, a framework for identity-based services that provides added
value for identity, security, and privacy above and beyond basic web
services, and thereby makes identity data portable across domains. The
term Liberty Web Services comprises the Identity Web Services Framework
(ID-WSF) and the Identity Service Interface Specifications (ID-SIS) that
take advantage of that framework. Together, these two pieces enable
identity-based services -- web services associated with the identity
attributes of individual users.

Why are identity-based services valuable? Fundamentally, because they
make a user's identity data portable across the many Web applications
that, if able to access these attributes, can provide a more customized
and meaningful experience to the user, while relieving that user of the
burden of manually and repeatedly providing and managing their identity
attributes at each one.

ID-WSF builds on many existing standards for networking and distributed
computing, and adds specialized capabilities for handling
identity-related information and tasks and for ensuring privacy and
security. With ID-WSF providing the addressing, security and privacy
plumbing, different ID-SIS specifications define the specific syntax and
semantics for sharing different slices of your identity attributes. For
instance, a Calendar SIS specifies how a travel service would query the
user's Calendar Service for free blocks, or write an event. Other ID-SIS
specifications either already exist or can be defined for other aspects
of your identity, e.g., the user's personal profile, geolocation,
presence, or wallet.

An identity-based service is a web service associated with a particular
user, for example, a web service at which a user's calendar information
can be accessed. Identity-based services require functionality beyond
that necessary for basic web services not associated with a given user
-- particularly in the areas of identity, security, and privacy. Liberty
ID-WSF specifications define the addressing, security and privacy
plumbing, and different Liberty ID-SIS specifications define the
specific syntax and semantics for sharing different slices of identity
attributes. Together, ID-WSF and ID-SIS make identity data portable in a
secure and privacy-respecting manner.
