User:Renmen80s/Identity Trust Store

This is not a Wikipedia article: It is an individual user's work-in-progress page, and may be incomplete and/or unreliable. For guidance on developing this draft, see Wikipedia:So you made a userspace draft.  Find sources: Google (books · news · scholar · free images · WP refs) · FENS · JSTOR · TWL Easy tools: Citation bot (help) | Advanced: Fix bare URLs This page was last edited by Cydebot (talk | contribs) 5 years ago. (Update timer) Finished writing a draft article? Are you ready to request an experienced editor review it for possible inclusion in Wikipedia?     Submit your draft for review!

Definitions

Function

Security Assertion Markup Language

Security Assertion Markup Language (SAML, pronounced sam-el) is an open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider.

Identity Providers (IdP)

An Identity Provider (IdP), sometimes called an Identity Service Provider or Identity Assertion Provider, is an online service or website that authenticates users on the Internet by means of security tokens, one of which is SAML 2.0. In the WS-Federation Model an Identity Provider is a Security Token Service (STS). Service Providers depend on an Identity Provider or Security Token Service to do the user authentication. OAuth is an important protocol for IdP services as most major web services are also identity providers, mainly through the use of OAuth. These include Google, Facebook, Yahoo, AOL, Microsoft, PayPal, MySpace, and Flickr among many more. Furthermore, all major email providers offer OAuth IDP (Identity Provider) services.

Data Collection Server

A single Data Collection Server is used for illustrative purposes in the above architectures. However individual identities and biometric data may be collected at multiple collection servers, before being operated on and passed to the other entities participating in the protocols.

The DCS is the first entity that has access to the biometric image data before it is securely and privately stored by the BSS. In the privacy protocols described, the DCS does not keep a copy of the image data after it has been securely stored by the BSS, unless stated otherwise. Furthermore this act will typically be auditable to ensure that the image has in fact been permanently deleted.

Two Entities: Data Collection Server with Biometric Storage Server

After an enrolment the DCS will hold the identity data element (IDB), user details record (UDR), and biometric image(s) belonging to an individual. The user details record is stored at the DCS or by external datastores.

See also

• Identity management
• Homomorphic encryption

References

External links

• www.example.com