📄 liberty-authentication-context-v1.3.xsd
字号:
</xs:annotation>
<xs:complexType>
<xs:sequence>
<xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="ZeroKnowledge">
<xs:annotation>
<xs:documentation>
This element indicates that the Principal has been authenticated by a zero knowledge technique as specified in ISO/IEC 9798-5.
</xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:sequence>
<xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="SharedSecretChallengeResponse">
<xs:annotation>
<xs:documentation>
This element indicates that the Principal has been authenticated by a challenge-response protocol utilizing shared secret keys and symmetric cryptography.
</xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:sequence>
<xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="DigSig">
<xs:annotation>
<xs:documentation>
This element indicates that the Principal has been authenticated by a mechanism which involves the Principal computing a digital signature over at least challenge data provided by the IdP.
</xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:sequence>
<xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="IPAddress">
<xs:annotation>
<xs:documentation>
This element indicates that the Principal has been authenticated through connection from a particular IP address.
</xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:sequence>
<xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="AsymmetricDecryption">
<xs:annotation>
<xs:documentation>
The local system has a private key but it is used in decryption mode, rather than signature mode. For example, the Authentication Authority generates a secret and encrypts it using the local system's public key: the local system then proves it has decrypted the secret.
</xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:sequence>
<xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="AsymmetricKeyAgreement">
<xs:annotation>
<xs:documentation>
The local system has a private key and uses it for shared secret key agreement with the Authentication Authority (e.g. via Diffie Helman).
</xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:sequence>
<xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="SharedSecretDynamicPlaintext">
<xs:annotation>
<xs:documentation>
The local system and Authentication Authority share a secret key. The local system uses this to encrypt a randomized string to pass to the Authentication Authority.
</xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:sequence>
<xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="AuthenticatorTransportProtocol" type="AuthenticatorTransportProtocolType">
<xs:annotation>
<xs:documentation>
The protocol across which Authenticator information is transferred to an Authentication Authority verifier.
</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="HTTP">
<xs:annotation>
<xs:documentation>
This element indicates that the Authenticator has been transmitted using bare HTTP utilizing no additional security protocols.
</xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:sequence>
<xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="IPSec">
<xs:annotation>
<xs:documentation>
This element indicates that the Authenticator has been transmitted using a transport mechanism protected by an IPSEC session.
</xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:sequence>
<xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="WTLS">
<xs:annotation>
<xs:documentation>
This element indicates that the Authenticator has been transmitted using a transport mechanism protected by a WTLS session.
</xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:sequence>
<xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="MobileNetworkNoEncryption">
<xs:annotation>
<xs:documentation>
This element indicates that the Authenticator has been transmitted solely across a mobile network using no additional security mechanism.
</xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:sequence>
<xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="MobileNetworkRadioEncryption">
<xs:complexType>
<xs:sequence>
<xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="MobileNetworkEndToEndEncryption">
<xs:complexType>
<xs:sequence>
<xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="SSL">
<xs:annotation>
<xs:documentation>
This element indicates that the Authenticator has been transmitted using a transport mechanism protected by an SSL or TLS session.
</xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:sequence>
<xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="OperationalProtection" type="OperationalProtectionType">
<xs:annotation>
<xs:documentation>
Refers to those characteristics that describe procedural security controls employed by the Authentication Authority.
</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="SecurityAudit" type="SecurityAuditType"/>
<xs:element name="SwitchAudit">
<xs:complexType>
<xs:sequence>
<xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="DeactivationCallCenter">
<xs:complexType>
<xs:sequence>
<xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="GoverningAgreements" type="GoverningAgreementsType">
<xs:annotation>
<xs:documentation>
Provides a mechanism for linking to external (likely human readable) documents in which additional business agreements,(e.g. liability constraints, obligations, etc) can be placed.
</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="GoverningAgreementRef" type="GoverningAgreementRefType"/>
<xs:element name="AuthenticatingAuthority" type="AuthenticatingAuthorityType">
<xs:annotation>
<xs:documentation>
The Authority that originally authenticated the Principal.
</xs:documentation>
</xs:annotation>
</xs:element>
<xs:complexType name="IdentificationType">
<xs:sequence>
<xs:element ref="PhysicalVerification" minOccurs="0"/>
<xs:element ref="WrittenConsent" minOccurs="0"/>
<xs:element ref="Extension" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
<xs:attribute name="nym">
<xs:annotation>
<xs:documentation>
This attribute indicates whether or not the Identification mechanisms allow the actions of the Principal to be linked to an actual end user.
</xs:documentation>
</xs:annotation>
<xs:simpleType>
<xs:restriction base="xs:NMTOKEN">
<xs:enumeration value="anonymity"/>
<xs:enumeration value="verinymity"/>
<xs:enumeration value="pseudonymity"/>
</xs:restriction>
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -