TAS³ Architecture (Deliverable 2.1, Draft 20)
Jun 29, 2010
Table of Contents (monolithic)
1 Introduction
1.1 TAS3 Architecture at a Glance
1.2 Methodology
1.3 Normative Claim
1.4 Review of Previous Work
1.5 Reader's Guide
2 TAS3 High Level Architecture
2.1 Overview
2.2 Basic Architectural Entities
2.2.1 Major Components
2.2.2 Enforcement Points on Web Service Call Path
2.2.3 Authorization Subcontinent
2.3 Major Flows: Front Channel and Back Channel
2.4 Overview of Data Models
2.4.1 Federation Relations for Core Security Architecture
2.4.2 Personal Data and Applications
2.4.3 Using Sticky Policies to Protect Data
2.4.4 Using Encryption to Protect Data
2.5 Authorization Process
2.6 Enforcement Process
2.7 Configuration Process
2.8 Audit
3 Core Security Architecture
3.1 Flows
3.2 Tokens, Access Credentials
3.2.1 Attribute Pull Model
3.2.1.1 Front Channel
3.2.1.2 Front Channel Using Identity Selector
3.2.1.3 Back Channel, Simple
3.2.1.4 IM Bootstrap Token Minting and Passing through Front Channel
3.2.1.5 Improvement Idea: Late IM Token Request
3.2.1.6 Back Channel, Recursive
3.2.2 Linking Service: Attribute Push Model
3.2.2.1 N-Tier Linking Service Model
3.2.3 Simple Attribute Push Model
3.3 Delegation
3.3.1 Invitation Based Token Approach
3.3.1.1 Details of the Invitation Flow
3.3.1.2 Reuse of Invitation
3.3.1.3 Application of Invitation Approach to Back Channel Web Service Calls
3.3.2 Mandate Tokens Approach
3.3.3 Delegation by Direct Authorization Rule
3.3.4 Delegation by Role Based Authorization Rule
3.3.5 Token Based Delegation to Well Known Delegatee
3.3.6 Token Based Delegation of a Received Role
3.3.7 Multi-layer (Chained) Delegation
3.4 Subject of the PII Not Present Transaction
3.5 Break-the-Glass Authorization
3.6 Trust and Privacy Negotiation
3.7 Interoperation Across Trust Networks
3.7.1 Semantic Interoperability Engine
3.8 Properties of Web Service Binding
4 Application Specific Architecture
4.1 Protocol Support for Conveyance of Sticky Policies
4.2 Legacy Integration Strategy
4.3 ADPEP
4.4 Reputation Feedback
4.5 Business Process Registration
5 Using Business Process Modelling to Configure the Components
6 Oversight and Monitoring
6.1 Dashboard
6.2 Right of Access, Rectification, and Deletion
6.2.1 Identification of Originating Authority
6.2.2 Facilitating Self Service Interface to Right of Access
6.2.3 Propagation of Rectifications by the Originating Authority
6.3 On-line Compliance Testing
6.3.1 Involved Actors
6.3.2 On-line Testing Process and Architecture
6.4 Operations Monitoring and Intrusion Detection
6.5 Log Audit
6.5.1 Log Collection and Storage
6.5.2 Privacy Issues: What to Collect and What to Report
6.6 Formal Compliance Audits
6.7 Administrative Oversight
7 Conclusion: TAS3 is Secure and Trustworthy
8 Enumeration of Audit Events
9 TAS3 Risk Assessment
9.1 Executive Summary
10 User Centricity of TAS3
10.1 Executive Summary
10.2 Defining elements of user-centricity in TAS3
10.2.1 The user's ability to express privacy preferences
10.2.2 The user's ability to manage his own partial identities
10.2.3 The user's ability to express trust preferences and provide feedback
10.2.4 The user's ability to view his personal data
10.2.5 Enhanced transparency