Search:

 

Bandit:

• Overview
• Code, Collaboration, and Development
• FAQs
• Use Cases

Community:

• Contacts
• Planet Bandit
• Technologies we like
• Blogs we read
• Links

Toolbox:

• What links here
• Related changes
• Upload file
• Special pages
• Printable version

• Participate
• Download
• Bandit Bloggers

Personal tools

• Create an account or log in

From Bandit-project.org

Contents 1 Standards 2 Vendors 3 Open Source 4 Research 5 Misc

Standards

As part of Bandit we need to understand the technologies and standards being developed around identities in the industry. The purpose of this page is to identify the technologies and standards we are interested in and getting people signed up to participlate. Please sign up for a technology.

The linked items will contain presentations and discussions about the technology. The status should be active, inactive, or pending.

Item	Catagory	Description	Owner	Status
NIST RBAC	Roles	Standard data model and functional spec for Role Based Access Control	Duane Buss
XACML	Authorization Policy	Oasis XML Access Control Markup Language
DigitalIdentityExchange DIX	Internet Identity	SXIP-like identity standardization via the IETF	Jim Sermershiem and Tom Doman	active
Higgins	Internet Identity	Identity Framework	Common Identity Engineers	active
IMS	Internet Identity	Microsoft's identity system using InfoCard (not really standardized)	Pat Felsted	pending
OATH	Authentication
XRI	Internet Identity		?	inactive
YADIS	Internet Identity	Identity abstraction
OpenID	Internet Identity
LID
PAM	Platform Identity
LDAP	Platform Identity
Kerberos	Platform Identity
Liberty Alliance	Enterprise Identity
SAML	Enterprise Identity
Passel
Shibboleth
WS-*	Web Services	General category to understand the WS-* from Oasis. Categories will be added below for more detail	Pat Felsted	active
WS-Security	Web Services	Oasis security working group	Pat Felsted	active
WS-Federation	Web Services	Oasis federation working group	Pat Felsted	active
WS-Policy	Web Services	A syntax to express additional information required for Web services to communicate.	Pat Felsted	active
Log4J	ARF	A mechanism for loggin in Java - investigating for use in Bandit ARF	Pat Felsted	active
Maven	Tools	Build tool from [www.apache.org]
CBE	Standard	Common Base Events was submitted to OASIS WSDM TC, so its in the base WSDM Specifications, CBE is undergoing a name change to WEF, and info can be found here.
Syslog-conn	Network Protocol	Syslog-conn is documented in IETF RFC 3195 as the standard syslog wire protocol.

Vendors

RBAC on Solaris

Eurkify - Novell Partners

SXIP -Internet Identity

CA eTrust IdentityMinder partner training presentation

CA eTrust IdentityMinder white paper

Open Source

JGuard

Permis

Penrose Virtual Directory

Java Database Abstraction

SPOCP Authorization language

Research

RBAC on the WWW

RBPIM enforcing RBAC in a distributed systems

Induced Role Hierarchies with Attribute Based RBAC

A family of models for rules based role assignement

Misc

hyperdrive

Case study - gsec