Comments on: Federated De-provisioning http://eternallyoptimistic.com/2009/02/05/federated-de-provisioning/ Wed, 10 Aug 2011 17:44:16 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Ian Clark http://eternallyoptimistic.com/2009/02/05/federated-de-provisioning/comment-page-1/#comment-502 Ian Clark Thu, 12 Feb 2009 23:48:57 +0000 http://eternallyoptimistic.com/?p=876#comment-502 Federated provisioning? Consider a company providing and charging for a service (SP) based on the number of connections. Say the number of connections is a function of those people at the identity provider (IdP) who wish to (say) view their pay information. Not all will use the functionality, so the chargeable connections will be less than the total number employed. The responsibility and interest of employee separation processing will be on the part of the IdP administrator, whereas creation of account mapping would be on an as required basis whenever an existing employee choses to register. Separation of users at the SP is an administrative funtion of the IdP administrator as those users are separated from the IdP domain. SPML is merely the conveyance. Federated provisioning?

Consider a company providing and charging for a service (SP) based on the number of connections.

Say the number of connections is a function of those people at the identity provider (IdP) who wish to (say) view their pay information. Not all will use the functionality, so the chargeable connections will be less than the total number employed.

The responsibility and interest of employee separation processing will be on the part of the IdP administrator, whereas creation of account mapping would be on an as required basis whenever an existing employee choses to register.

Separation of users at the SP is an administrative funtion of the IdP administrator as those users are separated from the IdP domain. SPML is merely the conveyance.

]]> By: Janus versus Vulcan in Federated Provisioning « Identity Blogger http://eternallyoptimistic.com/2009/02/05/federated-de-provisioning/comment-page-1/#comment-499 Janus versus Vulcan in Federated Provisioning « Identity Blogger Sat, 07 Feb 2009 03:00:50 +0000 http://eternallyoptimistic.com/?p=876#comment-499 [...] flurry of posts about Federated Provisioning. You can go here to read the latest from Dave Kearns, Pamela Dingle, Ian Glazer, and Nishant Kaushik. These are some really smart people who make some good points, but [...] [...] flurry of posts about Federated Provisioning. You can go here to read the latest from Dave Kearns, Pamela Dingle, Ian Glazer, and Nishant Kaushik. These are some really smart people who make some good points, but [...]

]]> By: pbryan http://eternallyoptimistic.com/2009/02/05/federated-de-provisioning/comment-page-1/#comment-498 pbryan Fri, 06 Feb 2009 19:22:51 +0000 http://eternallyoptimistic.com/?p=876#comment-498 I think a common reason for deferral of any deprovisioning is that personalization and/or profile data not present in any supplied claims are easily captured and persisted within the SP/RP for that user. I think a common reason for deferral of any deprovisioning is that personalization and/or profile data not present in any supplied claims are easily captured and persisted within the SP/RP for that user.

]]>