Presentation is loading. Please wait.

Presentation is loading. Please wait.

Schac attributes and common vocabularies TF-EMC2 16-17.10.2006 Mikael Linden CSC, the Finnish IT Center for Science.

Similar presentations


Presentation on theme: "Schac attributes and common vocabularies TF-EMC2 16-17.10.2006 Mikael Linden CSC, the Finnish IT Center for Science."— Presentation transcript:

1 Schac attributes and common vocabularies TF-EMC2 16-17.10.2006 Mikael Linden CSC, the Finnish IT Center for Science

2 Outline  Why vocabularies?  Why cross-national vocabularies?  schac attributes with no vocabulary  schac attributes with obvious vocabulary  Vocabulary definition for HomeOrganizationType, UniqueCode and UniqueID  Vocabulary definition for PersonalPosition and UserStatus

3 Why vocabularies?  If we intend to use attributes for authorization, there should be common understanding on their semantics between the users (for example, IdPs and SPs)  for example ”this service is authorised for university students”  what is a university?  what is a student?  eduPerson defines one vocabulary: eduPersonAffiliation student/staff/faculty/employee/member/affiliate/alum (it still leaves the interpretation quite open…)

4 Why cross-national vocabularies?  If we are some day going to have cross-national confederation (e.g. eduGAIN), we need common vocabularies as part of the schema  it’s easier to design the vocabularies now, when our federations are still young later it will be painfull – too many changes to too many production level systems  How to define vocabularies in an interoperable but still flexible way?

5 No vocabulary, no problem  schacDateOfBirth for example: 19660412  schacPlaceOfBirth for example: Algeciras, Spain  schacSn1, schacSn2 for example, Lopez de la Moraleda  schacPersonalTitle for example, Prof  schacUserPrecenseID URIs, for example sip:pepe@myweb.com  schacExpiryDate for example: 20051231125959Z  schacUserPrivateAttribute for example, mail, telephoneNumber

6 Vocabulary is obvious (hope so!)  schacMotherTongue – ISO 639 for example, fr, es-ES  schacGender – ISO 5218 1=male, 2=female, 0=not known, 9 = not specified  schacCountryOfCitizenship – ISO 3166 for example, es  schacHomeOrganization – domain names for example, tut.fi  schacCountryOfRecidence – ISO 3166 for example, es  schacUUID – UUID defined by RFC 4530 for example, f81d4fae-7dec-11d0-a765-00a0c91e6bf6

7 Outline of the proposed solution  for HomeOrganizationType, UniqueCode and UniqueID 1.We define an international/EU-wide vocabulary, when we can identify a common European denominator 2.Additionally, each NREN maintains a national vocabulary for national extensions may delegate namespaces for institutional vocabularies 3.Terena gathers links to the national vocabularies and publishes them in http://www.terena.nl/registry/terena.org/schac/ http://www.terena.nl/registry/terena.org/schac/ Benefits EU-wide vocabulary understood in every country National vocabularies make it possible to use and publish national semantics, even to services in another countries, if necessary

8 schacHomeOrganizationType  Purpose: authorization of cross-national services For example, ”for higher education students in any EU country”  Proposed international/EU vocabulary PREFIX=urn:mace:terena.org:schac:homeOrganizationType PREFIX:eu:higherEducationInstitution // HE defined by Bologna PREFIX:eu:educationInstitution // other educational institutions PREFIX:eu:NREN // NREN defined by TERENA PREFIX:eu:universityHospital PREFIX:eu:NRENAffiliate// organisations part of the NREN constituency Bologna process seems to have no definition for a university  National extensions, for example in Finland PREFIX:fi:university, PREFIX:fi:polytechnic, PREFIX:fi:researchInstitution, PREFIX:fi:other  Terena gathers links to national ”homepages” http://www.terena.nl/registry/terena.org/schac/homeorgtype/

9 schacPersonalUniqueID  National identification number/social security number  assigned by national governments, each country (except Germany) has at least one  considered as sensitive in many countries (strong identifier)  each NREN maintains the national namespace for example the Finnish Identification Code (FIC) urn:mace:terena.org:schac:personalUniqueID:fi:FIC:010161-123L  Terena gathers links to national ”homepages”: http://www.terena.nl/registry/terena.org/schac/personalUniqueID/

10 schacPersonalUniqueCode  Local (=not government-assigned) identification codes Student number, Library patron number, etc Notice: employeeNumber is already defined by InetOrgPerson  One international namespace proposed for a student number to make student numbers understood automatically between countries urn:mace:terena.org:schac:personalUniqueCode:eu:studentID:‹tld›:‹code› for example, urn:mace:terena.org:schac:personalUniqueCode:eu:studentID:tut.fi:159345  for other local identifiers, each NREN maintains the national namespace  Terena gathers links to national ”homepages”: http://www.terena.nl/registry/terena.org/schac/personalUniqueCode/

11 The rest two without separate namespace maintenance schacPersonalPosition  defines a personal position in an institution  for example, urn:mace:terena.org:schac:personalPosition:umk.pl:programmer  to manage namespace, it is recommended to use domain name after the prefix (urn:mace:terena.org:schac:personalPosition) schacUserStatus  specifies persons status as a user of services  for example, urn:mace:terena.org:schac:userStatus:uma.es:affiliation:expired urn:mace:terena.org:schac:userStatus:uma.es:sendMail:expired urn:mace:terena.org:schac:userStatus:uma.es:getMail:active  to manage namespace, it is recommended to use domain name after the prefix (urn:mace:terena.org:schac:userStatus)


Download ppt "Schac attributes and common vocabularies TF-EMC2 16-17.10.2006 Mikael Linden CSC, the Finnish IT Center for Science."

Similar presentations


Ads by Google