...
The slides from the EIC workshop held 4 May 2010 contains a series of diagrams that may be helpful in comparing the architectures of several popular technologies mentioned below.
| UMA + reln mgr | |||||||||
---|---|---|---|---|---|---|---|---|---|---|
login-time attribute transfer |
| yes | yes | yes |
|
|
|
|
| yes |
back-channel controlled access | yes |
| yes. By PDS if self-issed; By UMA if managed. |
| yes | yes |
|
|
| yes |
separate policy decision hub | yes |
| PDS is hub if self-issued; UMA AM is hub if managed |
|
|
| yes |
|
|
|
on-board storage of user data | yes (if RM is a Host) | yes (self-issued cards) | yes (if self-issued cards) (by PDS); | yes |
|
|
| yes (required) |
|
|
user-imposed policy | yes |
| plans to rely on UMA |
| yes | yes (through XACML/CARML) | yes (through CARML) | ? | ? |
|
user-imposed terms | yes |
| plans to rely on UMA |
|
|
|
|
| yes (link contract) | partial (user selection among RP terms) |
binding of ID(s) to data shared | late | early (usually) | early (usually) or late | early | late | late |
| late |
| early |
RESTful/resource oriented | yes |
| yes | yes | yes | potentially (ID-WSF Evo) |
| yes |
| yes |
multi-party write access | user delegates write access | mutual "co-ownership" of data | short term: user delegates write access of block of attributes |
|
|
|
|
|
| user delegates write access |
...