Resource Server: Difference between revisions
Jump to navigation
Jump to search
| Line 10: | Line 10: | ||
==Problems== | ==Problems== | ||
==Solutions== | ==Solutions== | ||
* The solution presented here is one described in [[OAuth 2.0]] and expanded in anticipation of more robust protocols to come from the IETF. | |||
==References== | ==References== | ||
[[Category:Glossary]] | [[Category:Glossary]] | ||
Revision as of 21:53, 12 April 2020
Full Title or Meme
In the context of Identity Management a Resource Server will be a web based server that contains data whose release is controlled by a Subject.
Context
- In the most common case of interest, the Subject will be a natural person that controls access to data that might belong to that person, or be considered to the Personal Information pertaining to that Subject.
- The resource server will have a strong binding to the resource owner, called the Subject here.
- There will exist a record locator identifier associated with the Subject's information on the Resource Server.
- Any resource consumer can request information from from theResource Server using an Authorization from an Authorization Service that has received Consent from the Subject.
Problems
Solutions
- The solution presented here is one described in OAuth 2.0 and expanded in anticipation of more robust protocols to come from the IETF.