Frequently Asked Questions
Q: What does an Identity Provider (IdP) do?
A:
• Allow SSO, within the institution and federation.
• Maintain
user attributes while protecting privacy.
• Know the SPs in the
federation, so they only send user attributes to trusted SPs.
•
Allow idp administrators and individual users to control the
attribute release.
A:
• Protect web applications to only be accessed by federation idp
users
• Control access to service (who can access what) based on
the attributes received from an IdP, i.e. they implement
attribute-based access control.
• Know the IdP in the federation,
so they only accept user assertions from trusted IdP.
A: If you identity affiliation is a CARSI-idp, you can use federation shared resources under the agreement between your home idp and the visited resource. If you have no CARSI-idp identity, you can register an open-idp identity and become a federation guest user. Only parts of the shared resources can be visited by the Open-IdP users depending on the resource visiting policy.
Q: How can I register an Open-IDP account?
A:
1. visit http://carsi.edu.cn, choose to be a user.
2. select
Open-IdP -& Registering an account.
3. fill in the form and submit.
4. get your account.