| 摘要 |
A web-based, graphical user interface-driven arrangement for configuring federated access management across a group of federations and associated identity providers is enabled by a centralized server, called a global verification server. The global verification server operates to give service providers who host protected resources (i.e., those that have access restricted to only users having particular attributes, such as being a member of a particular group) a unified view of federations that are typically deployed on a global basis, as well as provides web-based tools to manage federated access. The global verification server also provides a single location on the web where users can go to access protected resources by discovering and using their home identity provider for verified single sign-on. |
