Presentation is loading. Please wait.

Presentation is loading. Please wait.

Schac attributes and common vocabularies TF-EMC2 16-17.10.2006 Mikael Linden CSC, the Finnish IT Center for Science.

Published byEarl Roland Hampton Modified over 9 years ago

Similar presentations

Presentation on theme: "Schac attributes and common vocabularies TF-EMC2 16-17.10.2006 Mikael Linden CSC, the Finnish IT Center for Science."— Presentation transcript:

1 Schac attributes and common vocabularies TF-EMC2 16-17.10.2006 Mikael Linden CSC, the Finnish IT Center for Science

2 Outline  Why vocabularies?  Why cross-national vocabularies?  schac attributes with no vocabulary  schac attributes with obvious vocabulary  Vocabulary definition for HomeOrganizationType, UniqueCode and UniqueID  Vocabulary definition for PersonalPosition and UserStatus

3 Why vocabularies?  If we intend to use attributes for authorization, there should be common understanding on their semantics between the users (for example, IdPs and SPs)  for example ”this service is authorised for university students”  what is a university?  what is a student?  eduPerson defines one vocabulary: eduPersonAffiliation student/staff/faculty/employee/member/affiliate/alum (it still leaves the interpretation quite open…)

4 Why cross-national vocabularies?  If we are some day going to have cross-national confederation (e.g. eduGAIN), we need common vocabularies as part of the schema  it’s easier to design the vocabularies now, when our federations are still young later it will be painfull – too many changes to too many production level systems  How to define vocabularies in an interoperable but still flexible way?

5 No vocabulary, no problem  schacDateOfBirth for example: 19660412  schacPlaceOfBirth for example: Algeciras, Spain  schacSn1, schacSn2 for example, Lopez de la Moraleda  schacPersonalTitle for example, Prof  schacUserPrecenseID URIs, for example sip:pepe@myweb.com  schacExpiryDate for example: 20051231125959Z  schacUserPrivateAttribute for example, mail, telephoneNumber

6 Vocabulary is obvious (hope so!)  schacMotherTongue – ISO 639 for example, fr, es-ES  schacGender – ISO 5218 1=male, 2=female, 0=not known, 9 = not specified  schacCountryOfCitizenship – ISO 3166 for example, es  schacHomeOrganization – domain names for example, tut.fi  schacCountryOfRecidence – ISO 3166 for example, es  schacUUID – UUID defined by RFC 4530 for example, f81d4fae-7dec-11d0-a765-00a0c91e6bf6

7 Outline of the proposed solution  for HomeOrganizationType, UniqueCode and UniqueID 1.We define an international/EU-wide vocabulary, when we can identify a common European denominator 2.Additionally, each NREN maintains a national vocabulary for national extensions may delegate namespaces for institutional vocabularies 3.Terena gathers links to the national vocabularies and publishes them in http://www.terena.nl/registry/terena.org/schac/ http://www.terena.nl/registry/terena.org/schac/ Benefits EU-wide vocabulary understood in every country National vocabularies make it possible to use and publish national semantics, even to services in another countries, if necessary

8 schacHomeOrganizationType  Purpose: authorization of cross-national services For example, ”for higher education students in any EU country”  Proposed international/EU vocabulary PREFIX=urn:mace:terena.org:schac:homeOrganizationType PREFIX:eu:higherEducationInstitution // HE defined by Bologna PREFIX:eu:educationInstitution // other educational institutions PREFIX:eu:NREN // NREN defined by TERENA PREFIX:eu:universityHospital PREFIX:eu:NRENAffiliate// organisations part of the NREN constituency Bologna process seems to have no definition for a university  National extensions, for example in Finland PREFIX:fi:university, PREFIX:fi:polytechnic, PREFIX:fi:researchInstitution, PREFIX:fi:other  Terena gathers links to national ”homepages” http://www.terena.nl/registry/terena.org/schac/homeorgtype/

9 schacPersonalUniqueID  National identification number/social security number  assigned by national governments, each country (except Germany) has at least one  considered as sensitive in many countries (strong identifier)  each NREN maintains the national namespace for example the Finnish Identification Code (FIC) urn:mace:terena.org:schac:personalUniqueID:fi:FIC:010161-123L  Terena gathers links to national ”homepages”: http://www.terena.nl/registry/terena.org/schac/personalUniqueID/

10 schacPersonalUniqueCode  Local (=not government-assigned) identification codes Student number, Library patron number, etc Notice: employeeNumber is already defined by InetOrgPerson  One international namespace proposed for a student number to make student numbers understood automatically between countries urn:mace:terena.org:schac:personalUniqueCode:eu:studentID:‹tld›:‹code› for example, urn:mace:terena.org:schac:personalUniqueCode:eu:studentID:tut.fi:159345  for other local identifiers, each NREN maintains the national namespace  Terena gathers links to national ”homepages”: http://www.terena.nl/registry/terena.org/schac/personalUniqueCode/

11 The rest two without separate namespace maintenance schacPersonalPosition  defines a personal position in an institution  for example, urn:mace:terena.org:schac:personalPosition:umk.pl:programmer  to manage namespace, it is recommended to use domain name after the prefix (urn:mace:terena.org:schac:personalPosition) schacUserStatus  specifies persons status as a user of services  for example, urn:mace:terena.org:schac:userStatus:uma.es:affiliation:expired urn:mace:terena.org:schac:userStatus:uma.es:sendMail:expired urn:mace:terena.org:schac:userStatus:uma.es:getMail:active  to manage namespace, it is recommended to use domain name after the prefix (urn:mace:terena.org:schac:userStatus)

Download ppt "Schac attributes and common vocabularies TF-EMC2 16-17.10.2006 Mikael Linden CSC, the Finnish IT Center for Science."

Similar presentations

Innovation through participation eduGAIN as a service (T3) in Multi-Domain User Applications (SA3) Valter Nordh, NORDUnet / GU NORDUnet conference, Köpenhamn,

Innovation through participation eduGAIN as a service (T3) in Multi-Domain User Applications (SA3) Valter Nordh, NORDUnet / GU NORDUnet conference, Köpenhamn,
EGI-InSPIRE RI-261323 EGI-InSPIRE EGI-InSPIRE RI-261323 AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager

EGI-InSPIRE RI EGI-InSPIRE EGI-InSPIRE RI AAI in EGI Status and Evolution Peter Solagna Senior Operations Manager
Innovation through participation Data Protection Code of Conduct (DP CoC) REFEDS Helsinki 2.10.2013 Mikael Linden, CSC – IT Center for Science

Innovation through participation Data Protection Code of Conduct (DP CoC) REFEDS Helsinki Mikael Linden, CSC – IT Center for Science
Innovation through participation GÉANT Data Protection Code of Conduct (DP CoC) 21.6.2012 FIM for research collaboration workshop Mikael Linden,

Innovation through participation GÉANT Data Protection Code of Conduct (DP CoC) FIM for research collaboration workshop Mikael Linden,
Innovation through participation Attributes Release Working Group European data protection directive REFEDS meeting 22th Apr, 2012

Innovation through participation Attributes Release Working Group European data protection directive REFEDS meeting 22th Apr, 2012
Resource Entitlement Management System Manne Miettinen Mikael Linden Janne Lauros CSC – IT Center for Science.

Resource Entitlement Management System Manne Miettinen Mikael Linden Janne Lauros CSC – IT Center for Science.
EduGAIN – Are we there yet? Lukas Hämmerle (ghost writer, Brook Schofield) FIM4R, Helsinki – 2 October 2013.

EduGAIN – Are we there yet? Lukas Hämmerle (ghost writer, Brook Schofield) FIM4R, Helsinki – 2 October 2013.
InterParty Functional Requirements A presentation to the final InterParty Seminar The Hague 13 June 2003 David Martin.

InterParty Functional Requirements A presentation to the final InterParty Seminar The Hague 13 June 2003 David Martin.
European Union. Which countries are members of the European Union? More than 25 Why did the European Union form? To encourage trade within Europe What.

European Union. Which countries are members of the European Union? More than 25 Why did the European Union form? To encourage trade within Europe What.
5/25/2015 AEB/Yleisesittely Roaming network access using Shibboleth in University of Helsinki Fall 2004 Internet2 Member Meeting 29th of September, 2004.

5/25/2015 AEB/Yleisesittely Roaming network access using Shibboleth in University of Helsinki Fall 2004 Internet2 Member Meeting 29th of September, 2004.
Kalmar Union 15.1.2008 Mikael Linden CSC, the Finnish IT Center for Science.

Kalmar Union Mikael Linden CSC, the Finnish IT Center for Science.
TF-EMC2 February 2006, Zagreb Deploying Authorization Mechanisms for Federated Services in the EDUROAM Architecture (DAME) -Technical Project Proposal-

TF-EMC2 February 2006, Zagreb Deploying Authorization Mechanisms for Federated Services in the EDUROAM Architecture (DAME) -Technical Project Proposal-
Beispielbild Shibboleth, a potential security framework for EDIT Lutz Suhrbier AG Netzbasierte Informationssysteme (http://www.ag-nbi.de)http://www.ag-nbi.de.

Beispielbild Shibboleth, a potential security framework for EDIT Lutz Suhrbier AG Netzbasierte Informationssysteme (
Innovation through participation eduGAIN federation operator training eduGAIN policy eduGAIN training in Vienna 17-18 Oct 2011

Innovation through participation eduGAIN federation operator training eduGAIN policy eduGAIN training in Vienna Oct 2011
The TERENA Academic CA Repository. eIRG Meeting. Dublin, 16/04/2004 Diego R. Lopez – TF-AACE  Task Force on Authentication and.

The TERENA Academic CA Repository. eIRG Meeting. Dublin, 16/04/2004 Diego R. Lopez – TF-AACE  Task Force on Authentication and.
UKOLUG - July 1998 1 Metadata for the Web RDF and the Dublin Core Andy Powell UKOLN, University of Bath UKOLN.

UKOLUG - July Metadata for the Web RDF and the Dublin Core Andy Powell UKOLN, University of Bath UKOLN.
FIM-ig Federated Identity Management Interest Group.

FIM-ig Federated Identity Management Interest Group.
Internationalisation of Italian URNs Scheme Enrico Francesconi, PierLuigi Spinosa Institute of Legal Information Theory and Techniques Italian National.

Internationalisation of Italian URNs Scheme Enrico Francesconi, PierLuigi Spinosa Institute of Legal Information Theory and Techniques Italian National.
CASE: Haka federation EuroCAMP, 3-5 April, 2006 CSC, the Finnish IT Center for Science

CASE: Haka federation EuroCAMP, 3-5 April, 2006 CSC, the Finnish IT Center for Science
Innovation through participation Interfederation through eduGAIN - steps and challenges eduGAIN interfederation service 2012-02-27 Federated Identity Systems.

Innovation through participation Interfederation through eduGAIN - steps and challenges eduGAIN interfederation service Federated Identity Systems.

Similar presentations

Ads by Google