9. ¡ Decentralized
Single
Sign
On
¡ Single
user
profile
¡ Widely
used
for
community
&
collaboration
aspects
¡ Multifactor
Authentication
[Infocard,
XMPP]
27. Defines Policy
Administration
Point
Administrator
28. Access Policy
Enforcement
Point
Policy
Decision
Point
29. Access Policy
Enforcement
Point
Policy
Decision
Point
30. Policy Policy
Decision Information
Point Point
31. ¡ The
de-‐facto
standard
for
authorization
¡ Support
for
multiple
PIPs
¡ Policy
distribution
¡ Decision
/
Attribute
caching
¡ UI
wizard
for
defining
policies
¡ Notifications
on
policy
updates
¡ TryIt
tool
32. EntitlementService
EntitlementPolicyAdminService
SOAP
SOAP
Attribute Finder Policy Decision Point
Extensions Decision Policy
Extensions Administration
Cache
Attribute Point
Cache XACML
Engine
Default
Finder
Policy Cache
LDAP
33.
34.
35.
36.
37.
38. ¡ User
stores
with
LDAP/AD/JDBC
¡ OpenID
¡
SAML2
¡
Kerberos
¡
Information
Cards
¡
XACML
¡
OAuth
¡
Security
Token
Service
with
WS-‐Trust