GEANT Data protection Code of Conduct 2.0 REFEDS meeting 16 June 2019

Slides:

Advertisements

Similar presentations

Federation management A mess? Nordunet Conference Mikael Linden CSC, the Finnish IT Center for Science.

Advertisements

Innovation through participation Data Protection Code of Conduct (DP CoC) REFEDS Helsinki Mikael Linden, CSC – IT Center for Science

Innovation through participation GÉANT Data Protection Code of Conduct (DP CoC) FIM for research collaboration workshop Mikael Linden,

Innovation through participation Attributes Release Working Group European data protection directive REFEDS meeting 22th Apr, 2012

Resource Entitlement Management System Manne Miettinen Mikael Linden Janne Lauros CSC – IT Center for Science.

Copyright JNT Association Federated Identity and Data Protection Law Andrew Cormack, Eva Kassenaar, Mikael Linden, Walter Martin Tveter.

EduGAIN – Are we there yet? Lukas Hämmerle (ghost writer, Brook Schofield) FIM4R, Helsinki – 2 October 2013.

Innovation through participation eduGAIN federation operator training eduGAIN policy eduGAIN training in Vienna Oct 2011

Federated Identity, Levels of Assurance, and the InCommon Silver Certification Jim Green Identity Management Academic Technology Services © Michigan State.

SWITCHaai Team Federated Identity Management.

EduGAIN Code of Conduct Workshop, , Brussels GEANT eduGAIN Data Protection "Code of Conduct" Workshop Dieter Van Uytvanck

AAF Middleware update February Presented by Terry Smith Technical Manager and Heath Marks Manager.

CASE: Haka federation EuroCAMP, 3-5 April, 2006 CSC, the Finnish IT Center for Science

Innovation through participation Interfederation through eduGAIN - steps and challenges eduGAIN interfederation service Federated Identity Systems.

The ReFEDS/GÉANT Code of Conduct (CoC) An Approach to Compliance with the EU Data Protection Directive Steve Carmody April 23, 2012.

Sirtfi David Kelsey (STFC-RAL) REFEDS at TNC15 14 June 2015.

Federated Identity Management for HEP David Kelsey WLCG GDB 9 May 2012.

European Life Sciences Infrastructure for Biological Information Life science community update for the 7 th Federated Identity Management.

10/25/2015 AEB/Yleisesittely Organising Federated Identity in Finnish Higher Education TNC2005 Mikael Linden June 8th, 2005.

Campus Identity Management Requirements (=IAP) REFEDs meeting Mikael Linden,

Géant-TrustBroker project overview Slides assembled by the Géant-TrustBroker team at Leibniz Supercomputing Centre, Germany for a short presentation by.

Federations round table Haka federation of Finland EuroCAMP Mikael Linden CSC, the Finnish IT Center for Science.

INTRODUCTION: THE FIRST TRY InCommon eduGAIN Policy and Community Working Group.

GDB July 2015 Jeremy’s quick summary notes Also refer to the meeting minutes

Innovation through participation eduGAIN interfederation service for research and education Cern FedID workshop in RAL, UK 2-3 Nov 2011 Mikael Linden,

Authentication and Authorisation for Research and Collaboration David Kelsey AARC AHM Milan And mechanisms NA3 Task 4 – Scalable.

Innovation through participation eduGAIN policy: A worm report TF-EMC2 Vienna Mikael Linden, CSC The worm farmer.

Federations, the Data Protection Directive and WP29 TF-EMC2 Mikael Linden, CSC, the Finnish IT Center for Science.

Authentication and Authorisation for Research and Collaboration Christos Kanellopoulos GRNET Proposed Pilots for Libraries and eGov.

Authentication and Authorisation for Research and Collaboration Mikael Linden AARC all hands Milan Authentication and Authorisation.

Federated Identity Management for HEP David Kelsey HEPiX, IHEP Beijing 18 Oct 2012.

Clain update TF-EMC Mikael Linden, CSC.

Innovation through participation EduGAIN policy (working draft) Status update REFEDs 30th May 2010

INTRODUCTION: THE FIRST TRY InCommon eduGAIN Policy and Community Working Group.

Understanding deployment issues on the Supply Chain Ann Harding, SWITCH, Nicole Harris, TERENA Cambridge July 2014.

Networks ∙ Services ∙ People Thomas Bärecke Journée Fédération, Paris Collaboration européenne GÉANT SA5 03/07/2015 SA5 T5 team

Innovation through participation Expectations on eduGAIN and next steps Valter Nordh, NORDUnet / GU 1.

CSC – Tieteen tietotekniikan keskus Oy CSC – IT Center for Science Ltd. SAML2 draft profile in Haka Vienna Mikael Linden.

Networks ∙ Services ∙ People Nicole Harris UK federation meeting eduGAIN, REFEDS and the UK 23 June 2015 Project Development Officer GÉANT.

Federated Identity Fundamentals Ann Harding, SWITCH Cambridge July 2014.

Leveraging Campus Authentication to Access the TeraGrid Scott Lathrop, Argonne National Lab Tom Barton, U Chicago.

European Life Sciences Infrastructure for Biological Information European Life Sciences Infrastructure for Biological Information.

Authentication and Authorisation for Research and Collaboration AARC/CORBEL Workshop for Life Sciences AAI AARC Draft Blueprint.

Networks ∙ Services ∙ People Ann Harding Networkshop 44, Manchester Thinking globally, acting locally Trust and Identity in the GÉANT project.

Authentication and Authorisation for Research and Collaboration Taipei - Taiwan Mechanisms of Interfederation 13th March 2016 Alessandra.

Innovation through participation Data Protection Code of Conduct (DP CoC) TNC2013 conference, 4 June 2013 Mikael Linden, CSC – IT Center for Science

SCI & Sirtfi David Kelsey (STFC-RAL) EGI Conference, Lisbon 19 May 2015.

The Policy Puzzle Many groups and (proposed) policies, but leaving many open issues AARC “NA3” is tackling a sub-set of these “Levels of Assurance” –

AARC Update What’s been happening in AARC which matters for GÉANT

User Community Driven Development in Trust and Identity

Policy and Best Practices … the Story So Far

GÉANT Data Protection Code of Conduct (CoCo)

Géant-TrustBroker Dynamic inter-federation identity management

Policy and Best Practices … the Story So Far

AAI Alignment Nicolas Liampotis (based on the work of Mikael Linden)

GÉANT 4-2 JRA3 T1 Something with Federations and Campus VC

Mirjam van Daalen:: Paul Scherrer Institut

GEANT Code of Conduct and REFEDS Research and Scholarship compared

Minimal Level of Assurance (LoA)

GÉANT 4-2 JRA3 T1 and T2 Federations and Campus (CaFe) e-Infrastructures and Service Providers (RASP) Daniela Pöhn JRA3 T1 LRZ/DFN-AAI Technology Exchange.

REFEDS Assurance Framework

Leveraging the IGTF authentication fabric for research

AARC Blueprint Architecture and Pilots

AAI Architectures – current and future

Björn Erik Abt :: Paul Scherrer Institut

GÉANT 4-2 JRA3 Daniela Pöhn JRA3 T1 LRZ/DFN-AAI

Federated Identity and Data Protection Law

REFEDS Assurance WG REFEDS meeting 16 June 2019

FIM4R Requirements where GN3+ (SA5) is Active and Involved (9/2013)

REFEDS Assurance Suite

Presentation transcript:

GEANT Data protection Code of Conduct 2.0 REFEDS meeting 16 June 2019 Mikael Linden, mikael.linden@csc.fi CSC – IT Center for Science GN4-3 project

The attribute release problem Release my attributes to SP X, I need it to do my job! Home Organisation (HO): User (researcher) Sorry, to protect your privacy, we cannot release your attributes. IdP admin Authenticates Attributes ? Service Provider organisation IdP SP X

GEANT CoCo status and next steps In February 2019, authorities (EDPB) published draft guidelines for codes of conduct Effective oversight mechanisms Monitoring body GEANT Association and GEANT project now studying these Then contact Dutch authorities for submission https://wiki.refeds.org/x/N4MY

Monitoring the GEANT CoCo New to everyone, out first approach: Technical conformance Can be fully automated Behavioural conformance Based on self-assessments Complaints Who is proposed as the monitoring body? for SPs in eduGAIN, GEANT Association? for SPs in national federations, ??? SP IdP Participant Federation eduGAIN service

Other open issues How do we call it (GEANT data protection code of conduct for federated IdM?) Making international organisations confident to commit to it Authorities have not published guidelines for CoCos for international transfers