Moving forward with assurance

Slides:

Advertisements

Similar presentations

© 2006 Open Grid Forum OGF19 Federated Identity Rule-based data management Wed 11:00 AM Mountain Laurel Thurs 11:00 AM Bellflower.

Advertisements

Appropriate Access InCommon Identity Assurance Profiles David L. Wasley Campus Architecture and Middleware Planning workshop February 2008.

Functional component terminology - thoughts C. Tilton.

Federated Identity Management for Research Communities (FIM4R) David Kelsey (STFC-RAL) EGI TF, AAI workshop 19 Sep 2012.

1 Issues in federated identity management Sandy Shaw EDINA IASSIST May 2005, Edinburgh.

Federated Identity, Levels of Assurance, and the InCommon Silver Certification Jim Green Identity Management Academic Technology Services © Michigan State.

Copyright JNT Association 20051OptionalCopyright JNT Association 2007 Overview of the UK Access Management Federation Josh Howlett.

Gary Brown, Senior Systems Developer, Portal Development Team Identity Management Toolkit a JISC sponsored project.

Identity Management Practical Issues Associated with Sharing Federated Services UT System Identity Management Federation William A. Weems The University.

A DESCRIPTION OF CONCEPTS AND PLANS MAY 14, 2014 A. HUGHES FOR TFTM The Identity Ecosystem DISCUSSION DRAFT 1.

Federated Identity Management for HEP David Kelsey WLCG GDB 9 May 2012.

AAI-enabled VO Platform “VO without Tears” Christoph Witzig EGI TF, Amsterdam, Sept 15, 2010.

Identity Federation Policy Marina Vermezović, AMRES Federated Identity Technology Workshop Sofia, Bulgaria, 20. Jun 2014.

Ning Zhang, the University of Manchester, UK David Groep, National Institute for Nuclear and High Energy Physics, NL Blair Dillaway, OGF Security Area.

The UK Access Management Federation John Chapman Project Adviser – Becta.

Level of Assurance. LOA LOA classic - The strength of the authentication assertion Depends on identity proofing, delivery of credential, repeated act.

JRA1.4 Models for implementing Attribute Providers and Token Translation Services Andrea Biancini.

Federated Identity Management for HEP David Kelsey HEPiX, IHEP Beijing 18 Oct 2012.

Copyright JNT Association 2009GN3, 8 th September Inter-Federation Agreements eduGAIN and beyond? Andrew Cormack Chief Regulatory Adviser, JANET(UK)

Attribute Delivery - Level of Assurance Jack Suess, VP of IT

REFEDS. Rome, October 2009 Attribute space: LoAs, aggregation and reputation.

Growth. Interfederation PKI is globally scalable Unfortunately, its not locally deployable… Federation is locally deployable Can it.

Networks ∙ Services ∙ People eduGAIN Townhall Meeting Nicole Harris (or updating the eduGAIN policy suite) “Unicorns can be sued in Wales”

Building Preservation Environments with Data Grid Technology Reagan W. Moore Presenter: Praveen Namburi.

Designing Identity Federation Policy, the right way Marina Vermezović, Academic Network of Serbia TNC2013 conference 4 May 2013.

Unified Identity for Access Control Carl Ellison 7 April 2011 IDtrust.

1 Team Skill 3 Defining the System Part 1: Use Case Modeling Noureddine Abbadeni Al-Ain University of Science and Technology College of Engineering and.

IGTF Generalised Assurance comments by federation operators with a SAML background September 19-21, 2016 CERN, Geneva, CH.

Jubilee Park and Summerhill

Introduction To DBMS.

Ireland Special Interest Group SAP Ireland, Citywest, Dublin

Sandy Porter - Strategy Director Avoco Secure

All Student Group Meeting

Chief Regulatory Adviser, JANET(UK)

Systems Analysis and Design

Classic X.509 AP updates (v4.1)

On the Duality of Operating System Structures

InCommon Participant Operating Practices: Friend or Foe?

TF-EMC2 meeting Mikael Linden,

AAI Alignment Nicolas Liampotis (based on the work of Mikael Linden)

Equality and diversity – session 2

Configuration Management and Prince2

Prepared by Rand E Winters, Jr. ASR Senior Auditor October 2014

CLARIN Federated Identity Vision

Current Campus Issues – From My Horizon

The NICE Citizens Council and the role of social value judgements

Quality Management Systems

South African Identity Federation

Managing Digital Identity

SafeSurfing Module 5 September 2016.

Andrew Lymer University of Birmingham & Roger Debreceny

Welcome to the FERPA training for Faculty and Staff.

Updated (VO) Community Security Policies

Supporting communities with harmonized policy

InCommon Participant Operating Practices: Friend or Foe?

BASIC IRRS TRAINING Lecture 6

The activity of Art. 29. Working Party György Halmos

Fed/ED December 2007 Jim Jokl University of Virginia

Teams What is a team? Maintaining Focus

Community AAI with Check-In

USNRC IRRS TRAINING Lecture 12

Metadata The metadata contains

Appropriate Access InCommon Identity Assurance Profiles

Technical Issues with Establishing Levels of Assurance

The Attribute and the ecosystem

Chapter 4 System Modeling.

The JISC Core Middleware Call

Protecting Privacy with Federated AA

Check-in Identity and Access Management solution that makes it easy to secure access to services and resources.

Presentation transcript:

Moving forward with assurance What can we draw from a discussion on Facebook as an Identity Provider, assurance and attribute aggregation?

Very initial thoughts on planning for REFEDS I’m probably still jet-lagged Happy for amendments / criticism, BUT Will develop more coherently for presentation in Malaga

What was it all about? Drawn from a discussion on tf-emc2 mailing list in March 2009. Should non-institutional authentication systems be allowed within federations? How does this affect assurance and trust? Not going to discuss summary document – available on the tf-emc2 wiki. Document is intended to be a summary of discussion: Not a statement of fact; Not a position paper.

Questions and Ideas Drawn from the Discussion What does it mean to be a member of a federation ‘club’? What do we mean to achieve by allowing / disallowing membership of this club? What can we draw from this regarding assertions of trust and assurance?

The federation club Typically in our context a collection of organisations within a specific geographic boundary involved in education and research. Plus the service providers delivering services to these organisations. This is a gross generalisation! “Real world” organisations (legal entities – although legal status not always relevant or required): The domain of education and research; Not a community of practise.

Federations, Domains and Communities of Practise B fed C fed D fed E fed F

Current Federation Model Pragmatic, fundable, relatively easy to organise. Not broken, doesn’t need fixing . Value-add to the domain of members is in REGISTRATION of entities at federation. Federation adds assurance as a registrar: Quality of metadata; Adherence to laws, good practise. Provides a statement of practise as a registrar , including commentary on the assurance it provides for members and others to make a trust value judgement. Works at this level as organisations are typically like for like – the ‘warm fluffy feeling’.

Where is assurance added? To the entity: at the point of registration with some kind of metadata registrar (typically at the moment Federations). This type of assurance is different from end-user assurance. Confusion between role of federation in adding assurance to metadata through registration and policing end-user assurance. To the end-user: at the point of registration with an institution (identity proofing). ONLY to identity. (Possibly) at various different points in time. Need to separate out: Assurance in metadata (this is well-processed entity metadata, authoritative copy etc). Assurance of the identity of an end-user. Assurance in the identity management practises of a particular institution.

Things to think about for assurance (1) Assurance provided at point of metadata registration. Where is this statement made and how? Made by registrar not by entity. Add-on assurance, not part of the identity assurance profile work. UK federation Operator Procedures? http://www.ukfederation.org.uk/library/uploads/Documents/federation-operator-procedures.pdf. Assurance can additionally be added at point of metadata aggregation (we only aggregated from these types of metadata registrars – more later). Note: different from the types of ‘registration assurance’ discussed by David Chadwick which refers to registration of users = identity proofing.

Things to think about for assurance (2) Strength of Authentication: Password (challenge, response) – most entities here; Tunnelled password; Soft crypto token / one-time password; Hard crypto token. Can be part of an identity assurance profile. Typically hierarchical in nature (gets stronger!).

Things to think about for assurance (3) Identity Assurance Profiles. Should be defined by (representative bodies of) the communities that need to use them (not the domain in which they operate). Should describe whole programme / process including standards (i.e. NIST), processes required to meet this standard and auditing processes. IAPs should be expressed in entity metadata as ‘flags’. Flag in metadata does not itself provide assurance. IAPs not necessarily hierarchical (not ‘levels’). Provides assurance of identity: very small subset (name, perhaps DoB) of user attributes. Shouldn’t be assumed to assure all attributes provided (i.e can only guarantee address is up to date if explicit address updating is in IAP).

Registration and Aggregation / Distribution Useful to separate out the roles of: Metadata Registration; Metadata Aggregation and Distribution. Both typically done by federations, but aggregation and distribution can happen in isolation from registration. Registration: adds registration assurance, authoritative copy, well-looked after metadata (as opposed to self-asserted metadata from institutions). Registered metadata carries IAPs. The assurance is that these are well expressed IAPs, not that the IAPs are correct. Auditing of IAPs can happen elsewhere. Registrar can aggregate and distribute metadata. Other aggregators can aggregate and distribute metadata from a variety of registrars (or self-asserted metadata directly from institutions) depending on trust decisions based on registrar sources: an additional assurance. Organisations make decisions to use aggregated metadata based on above.

Assumptions and Questions LoA is used as a term in our environment to mean all three of these areas and subsets of these areas. Clarity is needed on assurance provided by registrar within current federations: registrar statement of assurance practise? Communities of practise should define IAPS. Federation clubs are not necessarily communities of practise (but may be). REFEDS may have an interest in defining IAPs for work within all European federations rather than developing piecemeal for each. Assurance auditor role needs to be though about: who instigates / carries out the audit? Federation? External party? How many potential IAP may federations have to support? How many communities of practise and where is the limit? Who is worried about levels of authentication?

Parent/Pupil Inter-Federation Andrew Cormack Chief Regulatory Adviser, JANET(UK) Andrew.Cormack@ja.net 14

Requirement Parents to get access to children’s School reports Homework records Attendance records etc. Information now stored on VLEs Parents have children in multiple schools Sometimes multiple education authorities Schools don’t want to issue credentials

How it might work (Gov’t model) School federation Government federation ? ? Login Login + driver number Pupil ID + address +child ‘token’ + tax number VLE Tax TV licence Driving licence

Interesting Issues Inter-federation required But only unidirectional for this application Adding authorisation “attributes” To 3rd party authentication And attribute is actually relationship Watch this space...