RFC 7831

Application Bridging for Federated Access Beyond Web (ABFAB) Architecture, May 2016

Canonical URL:
https://www.rfc-editor.org/rfc/rfc7831.txt
File formats:
Plain TextPDF
Status:
INFORMATIONAL
Authors:
J. Howlett
S. Hartman
H. Tschofenig
J. Schaad
Stream:
IETF
Source:
abfab (sec)

Cite this RFC: TXT  |  XML

DOI:  10.17487/RFC7831

Discuss this RFC: Send questions or comments to abfab@ietf.org

Other actions: Submit Errata  |  Find IPR Disclosures from the IETF


Abstract

Over the last decade, a substantial amount of work has occurred in the space of federated access management. Most of this effort has focused on two use cases: network access and web-based access. However, the solutions to these use cases that have been proposed and deployed tend to have few building blocks in common. This memo describes an architecture that makes use of extensions to the commonly used security mechanisms for both federated and non-federated access management, including the Remote Authentication Dial-In User Service (RADIUS), the Generic Security Service Application Program Interface (GSS-API), the Extensible Authentication Protocol (EAP), and the Security Assertion Markup Language (SAML). The architecture addresses the problem of federated access management to primarily non-web-based services, in a manner that will scale to large numbers of Identity Providers, Relying Parties, and federations.


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 4844.


Download PDF Reader