<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META NAME="Generator" CONTENT="MS Exchange Server version 6.5.7650.28">
<TITLE>Requirements: Relationships</TITLE>
</HEAD>
<BODY>
<!-- Converted from text/rtf format -->
<P><FONT SIZE=2 FACE="Arial">Hopefully, everyone had the opportunity to read the document I sent that outlines the business scenario(s) we are interested in using OpenID for. Figured I would start taking each theme and sharing requirements with the hope that others will react. </FONT></P>
<P><FONT SIZE=2 FACE="Arial">The requirements for relationship are as follows:</FONT>
</P>
<UL>
<LI><FONT SIZE=2 FACE="Arial">OpenID should embrace and extend the learnings from the Liberty People Service which allows users to define access control for their online resources in terms of their online friends and business associates.</FONT></LI>
<LI><FONT SIZE=2 FACE="Arial">The notion of relationship needs a defined taxonomy to classify the type of relationship. For example, My ID and my Wife's ID would have a relationship labelled as "couple" where the pointer to my wife would either be "wife" or "spouse" and the inverse is also true. Likewise, "wife" and "spouse" in terms of the taxonomy need to define semantics</FONT></LI>
<LI><FONT SIZE=2 FACE="Arial">The notion of relationship on the above needs to have the ability to define an ACL in terms of who can see it, assert against it, etc (attribute oriented)</FONT></LI>
<LI><FONT SIZE=2 FACE="Arial">Yadis should be extended to support above</FONT></LI>
<LI><FONT SIZE=2 FACE="Arial">Taking the above defined characteristics, we can then say that relationship also needs the ability to define policies to say how relationship can be used (policy oriented). For example, My Wife and I are not only related, but according to policy she has the following privileges against a defined set of resources. This is where XACML gets incorporated.</FONT></LI>
<LI><FONT SIZE=2 FACE="Arial">Relationship should also support a pointer to a set of entities along with a taxonomy that defines context. For example, James is an employee of the Hartford as well as James has a bank account with Sovereign Bank. These entities should be defined in a global namespace and be unique.</FONT></LI>
<LI><FONT SIZE=2 FACE="Arial">Relationships should optionally allow for the ability to specify a start and/or end date.</FONT></LI>
<LI><FONT SIZE=2 FACE="Arial">Relationships may potentially need a revocation / disassociation mechanism</FONT></LI>
</UL>
</BODY>
</HTML>