Three Party Authentication Use Case: Difference between revisions
m (4 revisions imported: Initial Upload of old pages from IDESG Wiki) |
(No difference)
|
Latest revision as of 04:04, 28 June 2018
Status: Proposed This Use Case has been submitted as a new entry to the Use Cases Catalog. It has not yet been validated or reviewed.
Title: Three Party Authentication
Use Case Description: A three-party model involves a user, an independent identity provider, and a service provider. In general, the user authenticates to the identity provider. After successful authentication, the identity provider issues an assertion to the service provider indicating that the user has successfully authenticated to the identity provider. The service provider in this case outsources authentication to the identity provider and accepts the authentication assertion of the identity provider. A service provider accepts a user’s access requests to its service based on a successful authentication assertion from the identity provider. ( NISTIR 7817 Section 2.2 )
Use Case Category: Authentication, Identity
Contributor: Scott Shorter extracted from NISTIR 7817
Use Case Details
Actors:
- Identity Provider - Authenticates Users and issues assertions to Service Providers
- Service Provider - Accepts assertions from Identity Providers
- User - authenticates to Identity Provider, wishes to access service from Service Provider
Goals:
Assumptions:
Requirements:
Process Flow:
Success Scenario:
Error Conditions:
Relationships
- Extended by:
- Extends: