ADUCID 4.x

User Tools

Site Tools

Trace:
documentation:identity-proofing

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
documentation:identity-proofing [2018/05/18 11:07]
10.144.24.34 old revision restored (2016/09/08 12:17) 		documentation:identity-proofing [2019/08/01 09:23]
tjotov removed
Line 3: Line 3:
 ADUCID provides authentication. It guarantees that PEIG is identified every single time by AIM and also PEIG always recognized particular AIM. ADUCID provides authentication. It guarantees that PEIG is identified every single time by AIM and also PEIG always recognized particular AIM.
  
-Target application which uses ADUCID authentication needs some key to bind authentication to its own user database. It might use AUDCID UID (User database index), e-mail or any other attribute.+PEIG is assigned to user account using primary key called "UDI" (User database index).
  
-As result particular PEIG (or more PEIGs in replica) are bound to target applicationSo that application “knows” which user requests an operation. +Proofing process assigns UDI to real person (UDI can be generated or anything service provider wants, e.gemail or login name).
- +
-This is only technical perspective of authentication. The most important issue for service provider is to know if that PEIG is owned by “right” person – or “proofed” person. This is accomplished by process called Identity proofing.+
  
 ===== Proofing scenarios ===== ===== Proofing scenarios =====
Line 15: Line 13:
 To proof someone’s identity there has to be some administrator with right to verify and approve users. This administrator has to have role called “registrator” and  has to be proofed and verified using personal factor. To proof someone’s identity there has to be some administrator with right to verify and approve users. This administrator has to have role called “registrator” and  has to be proofed and verified using personal factor.
  
-ADUCID demonstrates and supports these basic scenarios:+ADUCID demonstrates and supports these scenarios:
  
 ==== Activation code ==== ==== Activation code ====
Line 36: Line 34:
 If one AIM contains proofed identities, it can act as identity provider for other AIMs (this scenario must be enabled and supported by both sides). If one AIM contains proofed identities, it can act as identity provider for other AIMs (this scenario must be enabled and supported by both sides).
  
-===== Proofing level ===== 
  
-ADUCID recognizes two proofing levels – with or without personal factor. AIM either support personal factor proofing or not (this decision should be done when AIM is installed).+===== ADUCID proofing support =====
  
-All proofing methods are bound to this setting +Proofing is supported by No-Code integration and ADUCID API methods.
- +
-===== ADUCID proofing support =====+
  
-Proofing is supported by ADUCID server methods and adapters. Application developer can use these methods / adapters to approve (proof) user and evaluate proofing status e.g. you can allow login only for proofed users who successfully provide their personal factor.+For No-Code it is just a role called "APPROVED": 
 + <RequireAll> 
 + Require valid-user 
 + Require role aducid: APPROVED 
 + </RequireAll> 
  
-SDK methods also support proofing form and proofing code.+For development integration  just check proofing status after authentication.
  
 All identity proofing scenarios are demonstrated in proofing applications. These applications can be installed with ADUCID Server Kit as an option. All identity proofing scenarios are demonstrated in proofing applications. These applications can be installed with ADUCID Server Kit as an option.

Page Tools

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki