Notice: this Wiki will be going read only early in 2024 and edits will no longer be possible. Please see: https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/wikis/Wiki-shutdown-plan for the plan.
Difference between revisions of "PDS 2.0"
| Line 1: | Line 1: | ||
| − | {{#eclipseproject:technology.higgins|eclipse_custom_style.css}} | + | {{#eclipseproject:technology.higgins|eclipse_custom_style.css}} This page describes the Higgins Personal Data Store. For an overview see [[Personal Data Store Overview]]. |
| − | This page describes the Higgins Personal Data Store. For an overview see [[Personal Data Store Overview]]. | + | |
| − | + | The PDS is comprised of a number of components shown in the diagram shown here [[[[Personal Data Store Overview]]. | |
| − | + | ||
| − | + | === PDS Agent === | |
| − | + | *An evolution of the Cloud Selector 1.1 from Higgins 1.1 with broader functionality. <br> | |
| − | + | === Data Representation === | |
| − | + | Within a PDS a single individual is represented as a set of containers called Contexts each of which holds a digital identity called a Person. Each person instance has a set of attributes and values. Thus one individual (natural person, data subject) is represented as multiple Person entities each in its own context-container. | |
| − | [[Image: | + | [[Image:Tla intro 2.0.108.png|center]] |
| − | The [[ | + | The data in these [[Context]]s adheres to the Higgins [[Persona Data Model 2.0]], which can be used for storing arbitrary (identity and social networking) data. [[UDI]] references are used for representing links between [[Context]]s, both inside the [[Personal Data Store 2.0]] and to external data stores. |
| − | *The [[Org.eclipse.higgins.idas.udi|UDI Resolver]] is configured to support '''sync://''' UDIs | + | === PDS Vault === |
| + | The PDS vault is a variant of the [[IdAS Proxy Service]], with the following changes: | ||
| + | |||
| + | *The [[Org.eclipse.higgins.idas.udi|UDI Resolver]] is configured to support '''sync://''' UDIs | ||
*The [[Org.eclipse.higgins.idas.registry|IdAS Registry]] is configured to include the [[Org.eclipse.higgins.idas.cp.rdf2|RDF2]] [[Context Provider]]. | *The [[Org.eclipse.higgins.idas.registry|IdAS Registry]] is configured to include the [[Org.eclipse.higgins.idas.cp.rdf2|RDF2]] [[Context Provider]]. | ||
| − | The [[IdAS Proxy Service]] is layered over the [[Attribute Service 1.1]] to provide a bi-directional, synchronizing XDI endpoint over data managed by Context Provider plug-ins to the IdAS package. These context providers area also data adapters to a variety of back end data stores. | + | The [[IdAS Proxy Service]] is layered over the [[Attribute Service 1.1]] to provide a bi-directional, synchronizing XDI endpoint over data managed by Context Provider plug-ins to the IdAS package. These context providers area also data adapters to a variety of back end data stores. |
| − | The | + | The PDS Vault can be accessed by: |
| − | * Sending [[XDI]] messages to its endpoint | + | |
| − | * Using the following low level client libraries: | + | *Sending [[XDI]] messages to its endpoint |
| + | *Using the following low level client libraries: | ||
**[[Org.eclipse.higgins.idas.client]] (Java IdAS Client) | **[[Org.eclipse.higgins.idas.client]] (Java IdAS Client) | ||
| − | **[[Org.eclipse.higgins.idasclient.cpp.core]] (C++ IdAS Client) | + | **[[Org.eclipse.higgins.idasclient.cpp.core]] (C++ IdAS Client) |
| − | * Using the [[PDS Client]] (under development) | + | *Using the [[PDS Client]] (under development) |
| + | |||
| + | === PDS Client === | ||
| + | |||
| + | The [[PDS Client 2.0]] is a library used to access the [[Personal Data Store 2.0]]. | ||
| − | === | + | === Authentication (AuthN) Service === |
| − | + | ||
| − | + | The [[IdAS Proxy Service 2.0]] and [[Attribute Service 2.0]] require access tokens minted by the [[Authentication Service 2.0]]. Eventually the [[I-Card Service]] and [[CardSync Service]] will also rely on this external authN service. | |
| − | The [[IdAS Proxy Service 2.0]] and [[Attribute Service 2.0]] require access tokens minted by the [[Authentication Service 2.0]]. Eventually the [[I-Card Service]] and [[CardSync Service]] will also rely on this external authN service. | + | |
| − | ===Authorization Manager === | + | === Authorization Manager === |
| − | + | ||
| − | + | *Authorization Manager (planned) gives the user control over the flows of data from a managed relationship card provider to a relying party. We plan to use/adapt Kantara UMA protocols. | |
| − | * | + | |
Revision as of 16:22, 12 July 2010
{{#eclipseproject:technology.higgins|eclipse_custom_style.css}} This page describes the Higgins Personal Data Store. For an overview see Personal Data Store Overview.
The PDS is comprised of a number of components shown in the diagram shown here [[Personal Data Store Overview.
Contents
PDS Agent
- An evolution of the Cloud Selector 1.1 from Higgins 1.1 with broader functionality.
Data Representation
Within a PDS a single individual is represented as a set of containers called Contexts each of which holds a digital identity called a Person. Each person instance has a set of attributes and values. Thus one individual (natural person, data subject) is represented as multiple Person entities each in its own context-container.
The data in these Contexts adheres to the Higgins Persona Data Model 2.0, which can be used for storing arbitrary (identity and social networking) data. UDI references are used for representing links between Contexts, both inside the Personal Data Store 2.0 and to external data stores.
PDS Vault
The PDS vault is a variant of the IdAS Proxy Service, with the following changes:
- The UDI Resolver is configured to support sync:// UDIs
- The IdAS Registry is configured to include the RDF2 Context Provider.
The IdAS Proxy Service is layered over the Attribute Service 1.1 to provide a bi-directional, synchronizing XDI endpoint over data managed by Context Provider plug-ins to the IdAS package. These context providers area also data adapters to a variety of back end data stores.
The PDS Vault can be accessed by:
- Sending XDI messages to its endpoint
- Using the following low level client libraries:
- Org.eclipse.higgins.idas.client (Java IdAS Client)
- Org.eclipse.higgins.idasclient.cpp.core (C++ IdAS Client)
- Using the PDS Client (under development)
PDS Client
The PDS Client 2.0 is a library used to access the Personal Data Store 2.0.
Authentication (AuthN) Service
The IdAS Proxy Service 2.0 and Attribute Service 2.0 require access tokens minted by the Authentication Service 2.0. Eventually the I-Card Service and CardSync Service will also rely on this external authN service.
Authorization Manager
- Authorization Manager (planned) gives the user control over the flows of data from a managed relationship card provider to a relying party. We plan to use/adapt Kantara UMA protocols.