OGC 07-118r9 12 Copyright © 2014 Open Geospatial Consortium [NR19] Apache XML Security http:santuario.apache.orgJavaindex.html [NR20] W3C Recommendation 04 September 2007, Web Services Policy 1.5 - Framework, http:www.w3.orgTRws-policy [NR21] OASIS eXtensible Access Control Markup Language XACML TC http:www.oasis-open.orgcommitteesxacml [NR22] SOAP Version 1.2 Part 1: Messaging Framework Second Edition, W3C Recommendation 27 April 2007, http:www.w3.orgTRsoap12-part1 [NR23] OASIS WS-Trust 1.3 http:docs.oasis-open.orgws-sxws-trust200512ws-trust-1.3-os.pdf [NR24] OASIS WS-Security UsernameToken Profile 1.1 http:docs.oasis-open.orgwssv1.1wss-v1.1-spec-os- UsernameTokenProfile.pdf [NR25] OGC 07-026r2, Geospatial eXtensible Access Control Markup Language GeoXACML, 1.0 [NR26] Web Services Federation Language WS-Federation Version 1.2 http:www.oasis-open.orgappsgroup_publicdownload.php31658ws- federation-1.2-spec-cs-01.doc [NR27] IETF RFC 2616, Hypertext Transfer Protocol -- HTTP1.1 http:www.ietf.orgrfcrfc2616.txt [NR28] IETF RFC 2045, Multipurpose Internet Mail Extensions MIME Part One: Format of Internet Message Bodies http:www.ietf.orgrfcrfc2045.txt [NR29] IETF RFC 3986, Uniform Resource Identifier URI: Generic Syntax http:www.ietf.orgrfcrfc3986.txt [NR30] IETF RFC 2234, Augmented BNF for Syntax Specifications: ABNF http:www.ietf.orgrfcrfc2234.txt [NR31] IETF RFC 6750, The OAuth 2.0 Authorization Framework: Bearer Token Usage http:www.ietf.orgrfcrfc6750.txt [NR32] W3C Recommendation 04 September 2007, Web Services Policy 1.5 – Attachment, http:www.w3.orgTRws-policy-attach [NR33] OASIS WS-SecurityPolicy 1.2, 1 July 2007 http:docs.oasis-open.orgws-sxws-securitypolicy200702ws- securitypolicy-1.2-spec-os.pdf

3.2 Other references

[OR1] Heterogeneous Missions Accessibility – Design Methodology, Architecture and Use of Geospatial Standards for the Ground Segment Support of Earth Observation missions ESA TM-21 http:www.esa.intAbout_UsESA_PublicationsESA_TM- 21_Heterogeneous_Missions_Accessibility [OR2] Shibboleth http:shibboleth.net [OR3] OpenAM http:openam.forgerock.org OGC 07-118r9 13 Copyright © 2014 Open Geospatial Consortium 4 Terms and definitions For the purposes of this document, the following terms and definitions apply: 4.1. Authentication [NR14] Verification that a potential partner in a conversation is capable of representing a person or organization.

4.2. circle of trust

A federation of Service Providers and identity providers within which Service Providers accept the authentication asserted by the identity provider.

4.3. Claim

A statement made about a client, service or other resource e.g. name, identity, key, group, privilege, capability, etc..

4.4. client

Software component that can invoke an operation from a server i.e. a service consumer.

4.5. identifier

A character string that may be composed of numbers and characters that is exchanged between the client and the server with respect to a specific identity of a resource. 4.6. identity provider [NR14] A kind of Service Provider that creates, maintains, and manages identity information for principals and provides principal authentication to other Service Providers within a federation, such as with Web browser profiles.

4.7. interface

Named set of operations that characterise the behaviour of an entity [ISO 19119].

4.8. operation

Specification of a transformation or query that an object may be called to execute [ISO 19119].

4.9. parameter