标准摘要
[中文适用范围]: 本文档定义了如何在 Web 服务接口上对用户和访问方进行身份验证。 它还定义资源所有者如何将对其资源的访问权限委托给访问方。 在此背景下,本文件还定义了必要的角色以及这些角色之间所需的职责分离,以便满足安全、数据隐私和数据保护方面的要求。 角色的所有条件和依赖关系都是使用 OAuth 2.0[1] 兼容框架和 OpenID Connect 1.0[2] 兼容框架的参考实现来定义的。 [外文原描述]: This document defines how to authenticate users and accessing parties on a web-services interface. It also defines how a resource owner can delegate access to its resources to an accessing party. Within this context, this document also defines the necessary roles and required separation of duties between these in order to fulfil requirements stated on security, data privacy and data protection. All conditions and dependencies of the roles are defined towards a reference implementation using OAuth 2.0 compatible framework and OpenID Connect 1.0 compatible framework.
英文名称Road vehicles — Extended vehicle (ExVe) web services — Part 3: Security