%% You should probably cite rfc7831 instead of this I-D. @techreport{ietf-abfab-arch-03, number = {draft-ietf-abfab-arch-03}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-ietf-abfab-arch/03/}, author = {Josh Howlett and Sam Hartman and Hannes Tschofenig and Eliot Lear and Jim Schaad}, title = {{Application Bridging for Federated Access Beyond Web (ABFAB) Architecture}}, pagetotal = 44, year = 2012, month = jul, day = 9, abstract = {Over the last decade a substantial amount of work has occurred in the space of federated access management. Most of this effort has focused on two use-cases: network and web-based access. However, the solutions to these use-cases that have been proposed and deployed tend to have few common building blocks in common. This memo describes an architecture that makes use of extensions to the commonly used security mechanisms for both federated and non- federated access management, including the Remote Authentication Dial In User Service (RADIUS) and the Diameter protocol, the Generic Security Service (GSS), the GS2 family, the Extensible Authentication Protocol (EAP) and the Security Assertion Markup Language (SAML). The architecture addresses the problem of federated access management to primarily non-web-based services, in a manner that will scale to large numbers of identity providers, relying parties, and federations.}, }