PNDA forum discussion

Motivation

This is a large area and is divided into several separate topics -

Access control between users & services

Identity - a consistent notion of what constitutes an identity across PNDA & the execution of functions for that identity

Authentication - a consistent approach to establishing the veracity of identities across PNDA

Authorization - a consistent approach to controlling what an authenticated identity can & cannot do across PNDA

Some of the key areas to be addressed include -

Securing interaction between services

This also sub-divides into identity, authentication & authorization. Typically, we will use TLS on links and mutually authenticate on certificates.

Proposal


Overall Plan

Identity

Gateway

Authentication

Authorization

Phases