Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Lexicon

Following is a working lexicon, very much subject to change. Some or all of this lexicon may be added to the core protocol specification or other documents.

An authorizing user is a web user (a natural person) who interacts with an AM service in order to instruct an AM how to make access decisions when a requester attempts to access a protected resource on a host. An authorizing user is the sole party capable of forging an access authorization agreement with a requesting party.

A protected resource is an access-restricted resource (per [HTTP]) that can be obtained from a host with the authorization of an AM and, indirectly, an authorizing user.

An access authorization agreement is a contract forged by an authorizing user and a requesting party, governing the requesting party's access to protected resources controlled by the authorizing user.

An authorization manager (AM) is an endpoint in the UMA software protocol that interacts, in the role of an HTTP server (per [HTTP]), with hosts in order to convey resource access decisions and with requesters in order to determine their suitability for access. An AM application is software that implements an AM, and an AM service is an AM application that is deployed on a network. The legal or natural person(s) who run an AM service are authorization intermediaries that are not direct parties to any access authorization agreement.

A host is an endpoint in the UMA software protocol that interacts with AMs in the role of an HTTP client (per [HTTP]) in order to receive and act on access decisions, and with requesters in the role of an HTTP server (also per [HTTP]) in order to respond to access attempts. A host application is software that implements a host, and a host service is a host application that is deployed on a network. The legal or natural person(s) who run a host service are hosting intermediaries that are not direct parties to any access authorization agreement.

A host service user is a web user (a natural person) who interacts with a host service in order to use and configure it for resource hosting. In general, a user of a host service is identical to the user who authorizes access to resources at the same host, but in special cases they may be different people.

A requester is an endpoint in the UMA software protocol that interacts with hosts and AMs in the role of an HTTP client (per [HTTP]) to attempt, and receive authorization for, access to a protected resource. A requester application is software that implements a requester, and a requester service is a requester application that is deployed on a network. The legal or natural person(s) who deploy a requester application in a running service may be requesting intermediaries that that are not direct parties to any access authorization agreement, or one or them may be a requesting party.

A requesting party is either a legal person (such as a company running a requester service), or a natural person (a web user) who interacts with a requester service run by a requesting intermediary, in order to seek protected resource access on its own behalf. In either case, a requesting party is the sole party capable of forging an access authorization agreement with an authorizing user.

  • No labels