1. Field of the Invention
The present invention relates to an improved data processing system and, in particular, to a method and apparatus for multicomputer data transferring. Still more particularly, the present invention is directed to networked computer systems.
2. Description of Related Art
To reduce the costs of user management and to improve interoperability among enterprises, federated computing spaces have been created. A federation is a loosely coupled affiliation of enterprises which adhere to certain standards of interoperability; the federation provides a mechanism for trust among those enterprises with respect to certain computational operations for the users within the federation. For example, a federation partner may act as a user's home domain or identity provider. Other partners within the same federation may rely on the user's identity provider for primary management of the user's authentication credentials, e.g., accepting a single-sign-on token that is provided by the user's identity provider.
As enterprises move to support federated business interactions, these enterprises should provide a user experience that reflects the increased cooperation between two businesses and minimizes the operational burdens of a user. Within these federations, these enterprises have begun to interoperate to support a variety of federation protocols of which a user may be unaware or may be only minimally aware. For example, federated enterprises may perform various types of operations for user account management, such as managing a user-specific alias identifier, that might require minimal interaction with the user to complete an operation. The federated enterprises should cooperate to an extent that the user is not confused or overburdened with knowledge of the underlying mechanism by which such types of operations are coordinated.
However, there is a tradeoff that should be considered in the implementation of these operations within a federation. Various operations, such as those that might require minimal interaction with the user to complete an operation, should also be performed in a manner that is efficient for the federated enterprises, particularly for those types of operations that might be required across all users within an enterprise. For example, when a particular operation needs to be performed for thousands or millions of users, such as all customers of a particular enterprise, the mechanism for performing the operation needs to be scalable such that it does not overburden the computational resources of the federated enterprise, yet these various types of operations may be implemented in a variety of ways that vary in their burdens upon the federated enterprises that are involved with the necessary operation.
One manner of addressing the burden on computational resources within a federated enterprise is to implement the federated functionality within a distributed data processing system. For example, the services of an identity provider could be supported within a distributed data processing system. However, the characteristics of a distributed data processing system may be problematic; some of the requirements of federated protocol operations would complicate the implementation of the functionality for performing those federated protocol operations within a distributed data processing system.
More specifically, federated entities, such as identity providers and service providers, generate data objects within a federated environment. Many federated operations or protocol profiles employ artifacts to retrieve data objects. The referential relationship between artifact-referenced data objects and associated artifacts must be maintained in any federated computational environment, whether or not the federated entity is implemented as a type of distributed data processing system. Although the functionality for performing federated protocol operations that employ artifacts may be implemented as a distributed data processing system, any such implementation would be complicated by the characteristics of a distributed data processing system.
Therefore, it would be advantageous to implement a federated enterprise and its computational infrastructure such that federated protocol operations within the data processing systems of the federated enterprises can be efficiently and configurably managed. It would be particularly advantageous to efficiently implement functionality for federated protocol operations within a distributed data processing system, particularly the functionality for performing federated protocol operations that employ artifacts.