GEANT Code of Conduct and REFEDS Research and Scholarship compared

Slides:

Advertisements

Similar presentations

Innovation through participation Data Protection Code of Conduct (DP CoC) REFEDS Helsinki Mikael Linden, CSC – IT Center for Science

Advertisements

Innovation through participation GÉANT Data Protection Code of Conduct (DP CoC) FIM for research collaboration workshop Mikael Linden,

Randolf S. Vicente, DLUP, MSRS

Innovation through participation Attributes Release Working Group European data protection directive REFEDS meeting 22th Apr, 2012

OASIS Reference Model for Service Oriented Architecture 1.0

Innovation through participation eduGAIN federation operator training eduGAIN policy eduGAIN training in Vienna Oct 2011

REFEDS RESEARCH AND EDUCATION (R&S) ENTITY CATEGORY NICOLE HARRIS.

9-10/4/03AK1 Workshop on enabling environments for technology transfer Ghent, Belgium 9-10 April 2003 Andrej Kranjc Ministry of the Environment, Spatial.

SWITCHaai Team Federated Identity Management.

Innovation through participation Interfederation through eduGAIN - steps and challenges eduGAIN interfederation service Federated Identity Systems.

The ReFEDS/GÉANT Code of Conduct (CoC) An Approach to Compliance with the EU Data Protection Directive Steve Carmody April 23, 2012.

Sirtfi David Kelsey (STFC-RAL) REFEDS at TNC15 14 June 2015.

SAML Right Here, Right Now Hal Lockhart September 25, 2012.

Updates Licia Florio, TERENA REFEDS Meeting 5 Sept 2012.

Networks ∙ Services ∙ People David Groep TCS TNC2015 Workshop TCS SAML demo background June 16, 2015 TCS PMA.

Stuff, including interfederation stuff Dr Ken Klingenstein, Director, Middleware and Security, Internet2.

Social Identity Working Group Steve Carmody. Agenda Intro to Using Social Accounts Status and Recent News –Current UT Pilot –Current InCommon Pilot with.

7 th Pan-Data & CRISP Harmonisation Meeting Zürich Airport TERENA Code of Conduct B.Abt PSI 1 Björn Abt.

INTRODUCTION: THE FIRST TRY InCommon eduGAIN Policy and Community Working Group.

Innovation through participation eduGAIN interfederation service for research and education Cern FedID workshop in RAL, UK 2-3 Nov 2011 Mikael Linden,

Authentication and Authorisation for Research and Collaboration David Kelsey AARC AHM Milan And mechanisms NA3 Task 4 – Scalable.

Federations, the Data Protection Directive and WP29 TF-EMC2 Mikael Linden, CSC, the Finnish IT Center for Science.

Networks ∙ Services ∙ People Nicole Harris, GÉANT GN4 Project Update “SA5”, or Identity Stuff Internet2 Technology Exchange 2015.

Framework service contract Lot 4 Project: CDDA in conformity with INSPIRE CDDA – INSPIRE PS mapping conclusions Meeting Darja Lihteneger.

International Atomic Energy Agency STRUCTURED DISCUSSION CODE OF CONDUCT AND EU BSS Interregional Training Course on Technical Requirements to Fulfil National.

Brown University Leveraging Social Identities Steve Carmody CSG, May 15, 2013.

Innovation through participation EduGAIN policy (working draft) Status update REFEDs 30th May 2010

Growth. Interfederation PKI is globally scalable Unfortunately, its not locally deployable… Federation is locally deployable Can it.

Understanding deployment issues on the Supply Chain Ann Harding, SWITCH, Nicole Harris, TERENA Cambridge July 2014.

Networks ∙ Services ∙ People Thomas Bärecke Journée Fédération, Paris Collaboration européenne GÉANT SA5 03/07/2015 SA5 T5 team

WHOIS Public safety and data protection requirements.

Connect communicate collaborate Trust & Identity EC meets GÉANT 19 June 2014 Brussels Valter Nordh, NORDUnet Federation as a Service Task Leader Trust.

Doc.JUDr.Soňa Skulová, Ph.D. Principles of Good Governance.

Innovation through participation Expectations on eduGAIN and next steps Valter Nordh, NORDUnet / GU 1.

Networks ∙ Services ∙ People Nicole Harris UK federation meeting eduGAIN, REFEDS and the UK 23 June 2015 Project Development Officer GÉANT.

Eurostat Exchange of micro-data for statistical purposes: from risk identification to risk mitigation Walter J. Radermacher Director-General of Eurostat.

Data protection—training materials [Name and details of speaker]

Authentication and Authorisation for Research and Collaboration David Kelsey AARC AHM Utrecht NA3 Task 4 – Scalable Policy Negotiation.

Networks ∙ Services ∙ People Ann Harding Networkshop 44, Manchester Thinking globally, acting locally Trust and Identity in the GÉANT project.

Innovation through participation Data Protection Code of Conduct (DP CoC) TNC2013 conference, 4 June 2013 Mikael Linden, CSC – IT Center for Science

Ethics: Guides for Professional Engagement

CoCo and R&S in the UK federation

Releasing Attributes for Science!

Cross-sector and user-centric AAI

The Policy Puzzle Many groups and (proposed) policies, but leaving many open issues AARC “NA3” is tackling a sub-set of these “Levels of Assurance” –

GÉANT Data Protection Code of Conduct (CoCo)

Géant-TrustBroker Dynamic inter-federation identity management

AAI Alignment Nicolas Liampotis (based on the work of Mikael Linden)

GÉANT 4-2 JRA3 T1 Something with Federations and Campus VC

AARC2 JRA1 Nicolas Liampotis

InAcademia Simple Validation Service Niels van Dijk

Identity & Access Management InCommon Research and Scholarship

GÉANT 4-2 JRA3 T1 and T2 Federations and Campus (CaFe) e-Infrastructures and Service Providers (RASP) Daniela Pöhn JRA3 T1 LRZ/DFN-AAI Technology Exchange.

Frameworks for harmonized policies and practices

AML- Risk assessment & RBA

AARC Blueprint Architecture and Pilots

EUGridPMA Status and Current Trends and some IGTF topics March 2018 APGridPMA ISGC Meeting David Groep, Nikhef & EUGridPMA.

Consent and Federated Identity

Ethics Communication Channels

CIMI Semantic Binding Issue

Data transfers to non-EU countries under the new GDPR

GÉANT 4-2 JRA3 Daniela Pöhn JRA3 T1 LRZ/DFN-AAI

Themes for training on data protection

Appropriate Access InCommon Identity Assurance Profiles

The Attribute and the ecosystem

Mediation Law in Austria

REFEDS Assurance WG REFEDS meeting 16 June 2019

Verifying student status with

GEANT Data protection Code of Conduct 2.0 REFEDS meeting 16 June 2019

REFEDS Assurance Suite

Presentation transcript:

GEANT Code of Conduct and REFEDS Research and Scholarship compared Attribute release training 15 June 2015

What is the diference? The Code of Conduct is designed to help IdPs feel more comfortable with the SPs intentions to abide by existing data protection law and therefore have relationship with them and works with all types of service providers. It does not define an explicit attribute list and does not work outside of Europe (EU/EEA) in its current form. R&S is designed to help IdPs that are struggling to define any sort of attribute release policies have an easier way of mitigating the risk and designing policies for a small subset of Service Providers that have been through some minimal vetting for specific attributes. It can be used by any federation globally.

GEANT Code of Conduct and REFEDS Research and Scholarship compared GEANT CoCo REFEDS R&S Legal starting point EU data protection directive Focus on “legitimate interests’` justification of EU DPD Geographical coverage SPs in EEA or the EC whitelist of countries Risk assessment rather than geo-boundary Legal shape Contractual obligation binding for the SP Self declared – assessed by federation Who asserts conformance? The SP The SP’s Home federation Service provider type Not limited Research and scholarship services

Technical representation compared GEANT CoCo REFEDS R&S Entity Category attribute Yes Md:RequestedAttributes MUST, isRequired=”true” SHOULD Associated attribute list Not limited At least eduPersonPrincipalName, mail, displayName OR (givenName AND sn) Other metadata elements Mdui:DisplayName Mdui:Description Mdui:PrivacyStatementURL Mdui:InformationURL

R&S SPs Coco SPs Any conflicts? An SP can assert both R&S and CoCo at the same time An IdP can assert support to both R&S and CoCo at the same time The assertions are interpreted to be independent No boolean logic available for the support attribute E.g. cannot express ”As an IdP, I’m willing to release attributes to R&S SPs iff they are committed to the CoCo” R&S SPs Coco SPs