Talk:Atomic authorization

This article seems too thin. I would like to know how is this different from federated identity and saml assertions? How does this compare to what XOTA does and other extended universal authentication systems? Should sections be added about this? Does atomic authorization supersede other types of authorization?

Is there an atomic form of authentication that coincides with atomic auth?

I think that a classic Bob, Eve and Alice scenario showing atomic authorization in an example would help (me, at least). Shurdloo (talk) 17:57, 15 July 2010 (UTC)

I understand that atomic authorization implementations are done to prevent a single compromise from changing authorizations across multiple users, but I don't think that comes out in this article. It would also help to point out that SAML and XACML on the surface do not provide atomic authorization until the token itself is signed. Then the authorization can be atomic. On the back end database it is only an atomic authorization if a database compromise offers the attacker no ability to manipulate the authorization beyond removing it (failing closed). These would be helpful to graft into the description. —Preceding unsigned comment added by 71.246.246.44 (talk) 01:45, 16 July 2010 (UTC)