Presentation is loading. Please wait.

Presentation is loading. Please wait.

Networks ∙ Services ∙ People Nicole Harris, GÉANT GN4 Project Update “SA5”, or Identity Stuff Internet2 Technology Exchange 2015.

Published byCamron Russell Modified over 8 years ago

Similar presentations

Presentation on theme: "Networks ∙ Services ∙ People Nicole Harris, GÉANT GN4 Project Update “SA5”, or Identity Stuff Internet2 Technology Exchange 2015."— Presentation transcript:

1 Networks ∙ Services ∙ People www.geant.org Nicole Harris, GÉANT GN4 Project Update “SA5”, or Identity Stuff REFEDS @ Internet2 Technology Exchange 2015 Sunday 4th October 2015

2 Networks ∙ Services ∙ People www.geant.org Nicole Harris, GÉANT Harmonisation Rhys Smith, JISC Non Web Brook Schofield, GÉANT eduGAIN Marina Vermezovic, AMRES Federation as a Service Niels van Dijk, Surfnet VOPaaS & InAcademia Lukas Hämmerle, SWITCH Enabling Users Mandeep Saini, GÉANT Assoc. GÉANT AAI Miroslav Milinovic, CARnet/SRCE eduroam Who’s who?

3 Networks ∙ Services ∙ People www.geant.org Harmonisation Entity Categories CoCo Federation Practices Assurance Business Case Interoperability Non web MoonshotECP eduGAIN eduGAIN technical development, inc. portal Federation development InAcademia Federation as a Service VO Platform as a Service Enabling Users PilotsConsultancy SP registration simplification The eduGAIN family in GN4 Service Development (SA5) New TaskNew Subtask/work area

4 Networks ∙ Services ∙ People www.geant.org Support the rollout of “Research and Scholarship” and “Code of Conduct” categories. Support the creation of “Affiliation” and “Academia” categories. Entity Categories Continue development of non EU / EEA Code of Conduct. Ensure compliancy with changing Data Protection legislations. Work with WP29. Code of Conduct Establish common Metadata Registration Practice Statement. Support non-SAML profiles in eduGAIN. Make recommendations on metadata publication processes. Federation Practices Cost-benefit analysis for campuses adopting assurance profiles. Scoping of step-up assurance service options. Assurance Business Case Complete STORK-eduGAIN interoperability pilot and eIDAS scoping. Define service requirements for FedLab offering. Interoperability Service Development (SA5) Trust and Identity Harmonisation New Subtask/work area

5 Networks ∙ Services ∙ People www.geant.org Research and Scholarship 5 DateIdPsSPsFederations 10 September 2105 3946DFN, CESNET, SWITCHaai, UK, SWAMID, Aconet, InCommon, Feide. (8) 03 October 20154351DFN, CESNET, PIONER.Id, SWITCHaai, UK, SWAMID, Aconet, InCommon, Feide, SurfConext, IDEM. (11)

6 Networks ∙ Services ∙ People www.geant.org CONSENTThe data subject has unambiguously given his consent. CONTRACTUALProcessing is necessary for the performance of a contract to which the data subject is party. LEGAL OBLIGATIONProcessing is necessary for compliance with a legal obligation to which the data controller is subject. VITAL INTERESTProcessing is necessary in order to protect the vital interests of the data subject. PUBLIC INTERESTProcessing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller or in a third party to whom the data are disclosed. LEGITIMATE INTERESTS Processing is necessary for the purposes of the legitimate interests pursued by the controller or by the third party or parties to whom the data are disclosed.

7 Networks ∙ Services ∙ People www.geant.org What do the important people say? Article29 Working Party: "The current text of Article 7(f) of the Directive is open ended. This flexible wording leaves much room for interpretation and has sometimes as experience has shown led to lack of predictability and lack of legal certainty. However, if used in the right context, and with the application of the right criteria, as set out in this Opinion, Article 7(f) has an essential role to play as a legal ground for legitimate data processing.” 7(f) = legitimate interests

8 Networks ∙ Services ∙ People www.geant.org What do the important people say? Article29 Working Party: "...an appropriate assessment of the balance under Article 7(f), often with an opportunity to opt-out of the processing, may in other cases be a valid alternative to inappropriate use of, for instance, the ground of 'consent' or 'necessity for the performance of a contract'. Considered in this way, Article 7(f) presents complementary safeguards - which require appropriate measures - compared to the other pre-determined grounds.” PERFORM A BALANCE TEST

9 Networks ∙ Services ∙ People www.geant.org SAFGUARDSTRANSPARENCY IMPACT MANAGEMENT LEGITIMATE REASONS BALANCE CASE BY CASE https://wiki.refeds.org/display/ENT/Guidance+on+justification+for+attribute+release

10 Networks ∙ Services ∙ People www.geant.org 7-STEP PLAN Check that Legitimate Interests is the best approach. STEP ONE Qualify the legitimacy of the request – lawful, clearly articulated, real need. STEP TWO Determine whether the processing is necessary to achieve the goal. STEP THREE

11 Networks ∙ Services ∙ People www.geant.org 7-STEP PLAN Balance the data controller’s needs against the interests of the subjects. STEP FOUR Identity safeguards you can put in place (tech design etc). STEP FIVE Demonstrate (publish) compliancy. STEP SIX Allow the user to opt-out. STEP SEVEN

12 Networks ∙ Services ∙ People www.geant.org Where? 12 https://wiki.geant.org/display/gn41sa5/Task+1++- +Harmonisation

13 Networks ∙ Services ∙ People www.geant.org The “Academia” conversation - hopefully Leif will arrive. Paper on the value proposition for statistics and next steps proposal. Paper on how to make edugain technology neutral. Push for entity category adoption. Business case on assurance for IdPs. Metdata Registration Practice Statement for eduGAIN. (publication?) What will you see? 13

14 Networks ∙ Services ∙ People www.geant.org The eduGAIN context Growth & Maturity eduGAIN Members Joining eduGAIN Other federations

15 Networks ∙ Services ∙ People www.geant.org Trust and Identity Harmonisation Relationships Harmonisation Entity Categories Code of Conduct Federation Practices Assurance Business Case Interoperability REFEDS AARC Non Web eduGAIN Enabling Users

16 Networks ∙ Services ∙ People www.geant.org AARC & Enabling Users Requirements Specific Anchored in real use cases Training REFEDS Pre-existing design work Profiles Experiences Harmonisation Develop business case (P1) Costing Supply chain Pilot (P2) eduGAIN Incorporate (P2, P3) In depth – Assurance REFEDS/GÉANT/AARC working together Don’t reinvent wheels – do try to really use them

17 Networks ∙ Services ∙ People www.geant.org Advanced CAMP sessions. Security Incident and Assurance in FIM: Monday 11:20am. Moonshot: Tuesday 2:25pm. VAMPIRE (GÉANT VO): Tuesday 3pm. VO Platform as a Service: Tuesday 3.25pm. Lightning Talk on InAcademia: Tuesday 3pm. SA5 at TechX 17

18 Networks ∙ Services ∙ People www.geant.org Thank you Networks ∙ Services ∙ People www.geant.org This work is part of a project that has applied for funding from the European Union’s Horizon 2020 research and innovation programme under Grant Agreement No. 691567 (GN4-1). 18 Questions?

Download ppt "Networks ∙ Services ∙ People Nicole Harris, GÉANT GN4 Project Update “SA5”, or Identity Stuff Internet2 Technology Exchange 2015."

Similar presentations

PRIVACY ASPECTS OF RE-USE OF PSI: BETWEEN PRIVATE AND PUBLIC SECTOR

PRIVACY ASPECTS OF RE-USE OF PSI: BETWEEN PRIVATE AND PUBLIC SECTOR
Data Protection & Privacy in the Information Age COMNET – Legal Frameworks for ICTs Malta 2013 Dr Antonio Ghio Dr Jeanine Rizzo.

Data Protection & Privacy in the Information Age COMNET – Legal Frameworks for ICTs Malta 2013 Dr Antonio Ghio Dr Jeanine Rizzo.
Federated Identity Management for Researchers – A quick overview from GÉANT BoF TNC 2014 20 May 2014 Dublin.

Federated Identity Management for Researchers – A quick overview from GÉANT BoF TNC May 2014 Dublin.
Innovation through participation GÉANT Data Protection Code of Conduct (DP CoC) 21.6.2012 FIM for research collaboration workshop Mikael Linden,

Innovation through participation GÉANT Data Protection Code of Conduct (DP CoC) FIM for research collaboration workshop Mikael Linden,
Introduction to basic principles of Regulation (EC) 45/2001 Sophie Louveaux María Verónica Pérez Asinari.

Introduction to basic principles of Regulation (EC) 45/2001 Sophie Louveaux María Verónica Pérez Asinari.
Innovation through participation Attributes Release Working Group European data protection directive REFEDS meeting 22th Apr, 2012

Innovation through participation Attributes Release Working Group European data protection directive REFEDS meeting 22th Apr, 2012
Updates Licia Florio, TERENA REFEDS Meeting 5 Sept 2012.

Updates Licia Florio, TERENA REFEDS Meeting 5 Sept 2012.
EduGAIN – Are we there yet? Lukas Hämmerle (ghost writer, Brook Schofield) FIM4R, Helsinki – 2 October 2013.

EduGAIN – Are we there yet? Lukas Hämmerle (ghost writer, Brook Schofield) FIM4R, Helsinki – 2 October 2013.
Innovation through participation eduGAIN federation operator training eduGAIN policy eduGAIN training in Vienna 17-18 Oct 2011

Innovation through participation eduGAIN federation operator training eduGAIN policy eduGAIN training in Vienna Oct 2011
REFEDS RESEARCH AND EDUCATION (R&S) ENTITY CATEGORY NICOLE HARRIS.

REFEDS RESEARCH AND EDUCATION (R&S) ENTITY CATEGORY NICOLE HARRIS.
Security Incident Response Trust Framework for Federated Identity (Sir-T-Fi) David Kelsey (STFC-RAL) REFEDS, Indianapolis 26 Oct 2014 and now abbreviated.

Security Incident Response Trust Framework for Federated Identity (Sir-T-Fi) David Kelsey (STFC-RAL) REFEDS, Indianapolis 26 Oct 2014 and now abbreviated.
Trust and Security for FIM (Sirtfi/SCI) David Kelsey (STFC-RAL) FIM4R at CERN 4 Feb 2015.

Trust and Security for FIM (Sirtfi/SCI) David Kelsey (STFC-RAL) FIM4R at CERN 4 Feb 2015.
LexisNexis Confidential EU Privacy Framework Michael Lamb LexisNexis Risk Solutions Vice President and Lead Counsel: Regulatory, Privacy & Policy May 19,

LexisNexis Confidential EU Privacy Framework Michael Lamb LexisNexis Risk Solutions Vice President and Lead Counsel: Regulatory, Privacy & Policy May 19,
Innovation through participation Interfederation through eduGAIN - steps and challenges eduGAIN interfederation service 2012-02-27 Federated Identity Systems.

Innovation through participation Interfederation through eduGAIN - steps and challenges eduGAIN interfederation service Federated Identity Systems.
Www.geant.org AARC Overview Licia Florio, David Groep 21 Jan 2015 presented by David Groep, Nikhef.

AARC Overview Licia Florio, David Groep 21 Jan 2015 presented by David Groep, Nikhef.
The ReFEDS/GÉANT Code of Conduct (CoC) An Approach to Compliance with the EU Data Protection Directive Steve Carmody April 23, 2012.

The ReFEDS/GÉANT Code of Conduct (CoC) An Approach to Compliance with the EU Data Protection Directive Steve Carmody April 23, 2012.
Updates Licia Florio, TERENA REFEDS Meeting 5 Sept 2012.

Updates Licia Florio, TERENA REFEDS Meeting 5 Sept 2012.
Identity Federation Policy Marina Vermezović, AMRES Federated Identity Technology Workshop Sofia, Bulgaria, 20. Jun 2014.

Identity Federation Policy Marina Vermezović, AMRES Federated Identity Technology Workshop Sofia, Bulgaria, 20. Jun 2014.
Networks ∙ Services ∙ People www.geant.org Mandeep Saini TF-MSP, Espoo, Finland Service Delivery and Adoption 10 th Sep 2015 Task Leader, GN4-1 SA7 T3.

Networks ∙ Services ∙ People Mandeep Saini TF-MSP, Espoo, Finland Service Delivery and Adoption 10 th Sep 2015 Task Leader, GN4-1 SA7 T3.
Europe's work in progress: quality of mHealth Pēteris Zilgalvis, J.D., Head of Unit, Health and Well-Being, DG CONNECT Voka Health Community 29 September.

Europe's work in progress: quality of mHealth Pēteris Zilgalvis, J.D., Head of Unit, Health and Well-Being, DG CONNECT Voka Health Community 29 September.

Similar presentations

Ads by Google