Application |
Purpose (email, science, bug tracking, etc) |
Source |
Language (Perl, C, Java) |
Level of Domestication: Groups |
Level of Domestication: Authentication |
Level of Domestication: Authorization |
Provisioning/ |
Schema Compliance |
Overall certification of Domestication |
Confluence |
Wiki |
Commercial product |
Java |
3 |
2 |
3 |
Possible, not standardized |
None |
Tin (or Silver, if we're being InCommon-ish) |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Definition of Application Domestication
The ability to externalize group management, authentication, and/or authorization from within the application, allowing for the use of federated identity by that application. What does federated groups look like? Would a situation like Confluence that can use LDAP for groups count as level 1 or level 3? Level of Domestication
Level 5 - planning stages only or not useful = blackbox, internal, not provisionable
Level 4 - purely internal = internal, provisionable
Level 3 - LDAP
Level 2 - Not standards compliant but offers a local something that could be standards compliant (if there is a standard) ; community contribution plug-in = external, unsupported
Level 1a - Out of the box works with standard federated technologies, needs simple configuration without writing code = external, supported, federated
Level 1b - external, supported, some additional work needed
Include info on source code license agreements (apache, gnu, other?)
Targeted towards Application Integrators
App that has built in support for SAML is good, versus something that as in-house customizable thing that can be used; versus something that only integrates with LDAP (not nec. Useful in a federated environment); versus internal only
What to include - just ones we know about, some "FAQ" type ones, more
This is like calculating LOA. So overall, have a summary level that says, at the end of the day, the app is silver/gold/platinum (tin/pewter/aluminum); model the certification on the InCommon list
Compliance for data interchangeability