Geeks With Blogs

Connected Systems Chilled Out Blog Hanging stuff together in a meaningful way with some fun added

WCF introduces a claims-based approach to security at service boundaries, improving on role-based and permission-based security models. Claims can represent many different types of information including identity, roles, permissions or rights and even general information about the caller that may be useful to the application. A set of claims is also vouched for by an issuer such as a security token service, adding credibility to the information described by each claim – something not present in role-based or permission-based models. An additional benefit of using a claims-based security model is that it supports federated and single sign-on scenarios.

For an excellent pair of articles on this from Michele Leroux Bustamente goto:

http://www.theserverside.net/tt/articles/showarticle.tss?id=ClaimsBasedSecurityModel

and

http://www.theserverside.net/tt/articles/showarticle.tss?id=ClaimsBasedSecurityModel2

Posted on Wednesday, June 20, 2007 1:02 AM | Back to top


Comments on this post: Building a Claims-Based Security Model in WCF

No comments posted yet.
Your comment:
 (will show your gravatar)


Copyright © BizTalk Visionary | Powered by: GeeksWithBlogs.net