{"draft":"draft-ietf-abfab-arch-13","doc_id":"RFC7831","title":"Application Bridging for Federated Access Beyond Web (ABFAB) Architecture","authors":["J. Howlett","S. Hartman","H. Tschofenig","J. Schaad"],"format":["ASCII","HTML"],"page_count":"46","pub_status":"INFORMATIONAL","status":"INFORMATIONAL","source":"Application Bridging for Federated Access Beyond web","abstract":"Over the last decade, a substantial amount of work has occurred in\r\nthe space of federated access management.  Most of this effort has\r\nfocused on two use cases: network access and web-based access.\r\nHowever, the solutions to these use cases that have been proposed and\r\ndeployed tend to have few building blocks in common.\r\n\r\nThis memo describes an architecture that makes use of extensions to\r\nthe commonly used security mechanisms for both federated and\r\nnon-federated access management, including the Remote Authentication\r\nDial-In User Service (RADIUS), the Generic Security Service\r\nApplication Program Interface (GSS-API), the Extensible\r\nAuthentication Protocol (EAP), and the Security Assertion Markup\r\nLanguage (SAML).  The architecture addresses the problem of federated\r\naccess management to primarily non-web-based services, in a manner\r\nthat will scale to large numbers of Identity Providers, Relying\r\nParties, and federations.","pub_date":"May 2016","keywords":["Federated Authentication","AAA","RADIUS","Diameter","GSS-API","EAP","SAML"],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC7831","errata_url":null}