|
This document is an Internet2 Document and is in compliance with relevant Internet2 document standards.
Internet2 Documents are working documents of Internet2, its areas, and its working groups.
This document is a submission from the MACE-Dir WG of the Internet2 Middleware Initiative. Comments should be sent to mace-dir-comments at internet2.edu.
There are a growing number of situations where a standardized representation of an entity's group memberships would help support interoperation between multiple processes and systems. The Internet2 Middleware Initiative projects Grouper and Signet are two cases in point. This document proposes a simple information model for group and membership concepts. Other documents define recommended bindings or mappings from this information model to specific protocols such as LDAP and SAML.
Entities (people, organizations, etc.) can belong to groups. Any given instance of membership relates one entity to one group. There are two ways to look at a given membership:
1) Entity E is a member of Group G, or
2) Group G has Entity E as one of its members.
Highlighted end of the association |
Name of directional association |
Multiplicity |
Definition |
---|---|---|---|
Entity | isMemberOf | 0..* | The entity at one end of the association is a member of the group at the other end |
Group | hasMember | 0..* | The group at one end of the association has the entity at the other end as one of its members |
Keith Hazelton | |
University of Wisconsin-Madison | |
1210 W. Dayton St. | |
Madison, WI 53706 | |
US | |
Phone: | +1 608 262 0771 |
EMail: | hazelton@doit.wisc.edu |