11.2. A Practical Example: Liberty Alliance

The motivation for Liberty Alliance is simple: to help make interactions between a user and a variety of service providers easier. When dealing with different organizations and businesses, the user would not have to present her identities or state her preferences for the service again and again. After the user has provided her identity and credentials and configured her preferences, the providers' systems will handle identity and preference management issues between themselves and offers the user a single sign-on experience. When privacy is concerned, the user's information is protected either through the use of aliases or partial identities, or by simply only sharing the minimum necessary information. For instance, take the example of when a service provider only needs to know the user's postal zip code to be able to provide weather information. The user's full and true identity should not be revealed for this application.

The definition of identity provided by Liberty Alliance is broader than usual and includes attributes and preferences as well. The attributes and preferences may go into specifying a large number of parameters such as type of devices the users have or the processes that are used in conjunction with providing service to the user. Even though Liberty Alliance has been enhancing the user experience as the main goal of the specification work, it clearly states that enabling businesses to maintain and manage their customer ...

Get AAA and Network Security for Mobile Access: Radius, Diameter, EAP, PKI and IP Mobility now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.