Innovation through participation EduGAIN policy (working draft) Status update REFEDs 30th May 2010


Presentation transcript:

eduGAIN project in general
Purpose of eduGAIN (a.k.a. GÉANT3 Service Activity 3, Task 3)
  Create a confederation
  Interconnect existing federations
Timeline
  4/2010 technical pre-pilot started
  10/2010 pilot starts
  4/2011 production starts, policy signed
  4/2013 project ends
For details, listen to the TNC talk on Wednesday
Task leader: Valter Nordh
Policy sub-task: Mikael Linden

Proposed eduGAIN bodies
NREN PC
  As defined by the GÉANT network and project
Technical Steering Group (TSG)
  One delegate from each participant federation
Operational Team (OT)
  Daily technical issues

Proposed eduGAIN Policy structure
1. Agreement (joining federations sign)
2. Constitution (NREN PC approves/changes)
3. Profiles and other supplementing documents (NREN PC or TSG approves/changes)

1. Agreement
Joining federation signs
Unilateral declaration where joining federation commits to the terms

2. Constitution
Eligibility to join
  GN3 project partners
  Other federations if approved by NREN PC
Requirements for joining federations
  Primarily from research and education
  Ensure Providers conform to policy
  Provide helpdesk
  Incident handling

2. Policy Enforcement
In case of a severe policy violation, OT
  issues a notice to the TSG, or
  proposes to NREN PC a temporary quarantine period, or
  proposes to NREN PC a disqualification of the participant federation from the confederation.

2. Other issues
Branding: leave the door open for eduID
Audits: No audits for federations or IdPs
Profiles supplementing the constitution
  NREN PC approves, if REQUIRED
  TSG approves, if RECOMMENDED or OPTIONAL

3. Technical profiles
Metadata profile (REQUIRED)
  A SAML2 metadata profile
SAML 2.0 profile (RECOMMENDED)
  ver 0.2 ?

3. Attribute syntax and semantics important
RECOMMENDED webSSO attribute profile
  RECOMMENDED attributes (cn, mail, eP(S)A, schacHomeOrganization, schacHomeOrganizationType)
  ePA semantics (if needed, define a new attribute)
  SAML2 persistentID RECOMMENDED
  ePPN MAY be used

3. Data Protection
OPTIONAL data protection profile
  Helps to conform to directive 95/46/EC on data protection
  SPs have two categories: PII and non-PII
  Defines IdPs' and SPs' coordinated functionality
    For minimal disclosure, informing the end user, legal grounds for processing, release to 3rd countries…
  Relies on SAML2 metadata tags

3. Quality of IdP-side Identity management
IdPs must ensure that attributes released are up-to-date
(some interest in expressing Level of Assurance in the assertion)

Got interested?
Provide your comments
  Face to face
  By mail to
  In our vc every second Thursday at CEST on
  The next one is on 10th June