Presentation is loading. Please wait.

Presentation is loading. Please wait.

Networks ∙ Services ∙ People www.geant.org Nicole Harris UK federation meeting eduGAIN, REFEDS and the UK 23 June 2015 Project Development Officer GÉANT.

Published byPaulina Marshall Modified over 8 years ago

Similar presentations

Presentation on theme: "Networks ∙ Services ∙ People www.geant.org Nicole Harris UK federation meeting eduGAIN, REFEDS and the UK 23 June 2015 Project Development Officer GÉANT."— Presentation transcript:

1 Networks ∙ Services ∙ People www.geant.org Nicole Harris UK federation meeting eduGAIN, REFEDS and the UK 23 June 2015 Project Development Officer GÉANT Where are we?

2 Networks ∙ Services ∙ People www.geant.org Slide 2 Lots of Federations…

3 Networks ∙ Services ∙ People www.geant.org Identity Federations: World Wide 42 Production Federations 14 Pilot Federations Last update April 2015

4 Networks ∙ Services ∙ People www.geant.org eduroam Federations: World Wide last update June 2015, www.eduroam.org eduroam (74) Pilot (16) :-(

5 Networks ∙ Services ∙ People www.geant.org eduGAIN & Federation Status April 2015 32 eduGAIN Members 9 Joining eduGAIN 3 Candidate Federation 12 Other Federations

6 Networks ∙ Services ∙ People www.geant.org eduGAIN & Federation Status June 2015 33 eduGAIN Members 8 Joining eduGAIN 4 Candidate Federation 13 Other Federations

7 Networks ∙ Services ∙ People www.geant.org eduGAIN & Federation Status June 2015 33 eduGAIN Members 8 Joining eduGAIN 4 Candidate Federation 13 Other Federations

8 Networks ∙ Services ∙ People www.geant.org April 2011: Official start of eduGAIN Nov 2013: 21 Federations are members (50%), 5 joining Apr 2014: 24 Federations are members (51%), 6 joining April 2015: 32 Federations are members (57%), 9 joining June 2015: 33 Federations are members (58%), 8 joining, 4 candidates Entities: 1285 IdPs, 961 SPs (2244 in total) One IdP can represent for dozens of organisations and services depending on federation architecture => actual numbers are higher Whole (academic) SAML landscape: 56 Federations, 3007 IdPs, 6514 SPs (gathered from metadata) Not all of them need to be interfederated, e.g. many internal SPs Numbers from June 2015 eduGAIN: Some Statistics

9 Networks ∙ Services ∙ People www.geant.org 9

10

11 WHAT DO WE DO? ENTITY CATEGORIES FIM4R / SIRTFI FEDERATION TEMPLATES VIRTUAL ORGANISATIONS MONITORING SPECIFICATIONS AND SCHEMAS

12

13 What is an Entity Category? Entity Categories group federation entities that share common criteria. obliged to conform to the characteristics set out in the definition of that category. Can be SP or IdP tagged. a way to facilitate IdP decisions to release a defined set of attributes to SPs (scaling attribute release policies). Other use cases (see hide-from-discovery). Expressed as a SAML Attribute.

14 CONSENTThe data subject has unambiguously given his consent. CONTRACTUALProcessing is necessary for the performance of a contract to which the data subject is party. LEGAL OBLIGATIONProcessing is necessary for compliance with a legal obligation to which the data controller is subject. VITAL INTERESTProcessing is necessary in order to protect the vital interests of the data subject. PUBLIC INTERESTProcessing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller or in a third party to whom the data are disclosed. LEGITIMATE INTERESTS Processing is necessary for the purposes of the legitimate interests pursued by the controller or by the third party or parties to whom the data are disclosed.

15 SAFEGUARDSTRANSPARENCY IMPACT MANAGEMENT LEGITIMATE REASONS BALANCECASE BY CASE https://wiki.refeds.org/display/ENT/Guidance+on+justification+for+att ribute+release CAN I RELEASE ATTRIBUTES?

16 7-STEP PLAN Check that Legitimate Interests is the best approach. STEP ONE Qualify the legitimacy of the request – lawful, clearly articulated, real need. STEP TWO Determine whether the processing is necessary to achieve the goal. STEP THREE

17 7-STEP PLAN Balance the data controller’s needs against the interests of the subjects. STEP FOUR Identity safeguards you can put in place (tech design etc). STEP FIVE Demonstrate (publish) compliancy. STEP SIX Allow the user to opt-out. STEP SEVEN

18 18 Connect | Communicate | Collaborate The Starting Point – FIM4R and TERENA AAA Study Non-web- browser Homeless users Attribute release Credential translation User friendliness Attribute aggregation Levels of Assurance Bridging Communitie s 30+ Research Infrastructures in Europe Countless more “long tail” users

19 Networks ∙ Services ∙ People www.geant.org Thank you and any questions Networks ∙ Services ∙ People www.geant.org © GEANT Limited on behalf of the GN4 Phase 1 project. The research leading to these results has received funding from the European Union’s Horizon 2020 research and innovation programme under Grant Agreement No. 691567 (GN4-1). 19

Download ppt "Networks ∙ Services ∙ People www.geant.org Nicole Harris UK federation meeting eduGAIN, REFEDS and the UK 23 June 2015 Project Development Officer GÉANT."

Similar presentations

CLARIN AAI, Web Services Security Requirements

CLARIN AAI, Web Services Security Requirements
Federated Identity Management for Researchers – A quick overview from GÉANT BoF TNC 2014 20 May 2014 Dublin.

Federated Identity Management for Researchers – A quick overview from GÉANT BoF TNC May 2014 Dublin.
Innovation through participation GÉANT Data Protection Code of Conduct (DP CoC) 21.6.2012 FIM for research collaboration workshop Mikael Linden,

Innovation through participation GÉANT Data Protection Code of Conduct (DP CoC) FIM for research collaboration workshop Mikael Linden,
Innovation through participation Attributes Release Working Group European data protection directive REFEDS meeting 22th Apr, 2012

Innovation through participation Attributes Release Working Group European data protection directive REFEDS meeting 22th Apr, 2012
EduGAIN – Are we there yet? Lukas Hämmerle (ghost writer, Brook Schofield) FIM4R, Helsinki – 2 October 2013.

EduGAIN – Are we there yet? Lukas Hämmerle (ghost writer, Brook Schofield) FIM4R, Helsinki – 2 October 2013.
Interfederation subgroup of InCommon Technical Advisory Committee (TAC) spaces.internet2.edu/display/incinterfed.

Interfederation subgroup of InCommon Technical Advisory Committee (TAC) spaces.internet2.edu/display/incinterfed.
REFEDS RESEARCH AND EDUCATION (R&S) ENTITY CATEGORY NICOLE HARRIS.

REFEDS RESEARCH AND EDUCATION (R&S) ENTITY CATEGORY NICOLE HARRIS.
Innovation through participation Interfederation through eduGAIN - steps and challenges eduGAIN interfederation service 2012-02-27 Federated Identity Systems.

Innovation through participation Interfederation through eduGAIN - steps and challenges eduGAIN interfederation service Federated Identity Systems.
Www.geant.org AARC Overview Licia Florio, David Groep 21 Jan 2015 presented by David Groep, Nikhef.

AARC Overview Licia Florio, David Groep 21 Jan 2015 presented by David Groep, Nikhef.
The ReFEDS/GÉANT Code of Conduct (CoC) An Approach to Compliance with the EU Data Protection Directive Steve Carmody April 23, 2012.

The ReFEDS/GÉANT Code of Conduct (CoC) An Approach to Compliance with the EU Data Protection Directive Steve Carmody April 23, 2012.
Federated Identity Management for HEP David Kelsey WLCG GDB 9 May 2012.

Federated Identity Management for HEP David Kelsey WLCG GDB 9 May 2012.
Updates Licia Florio, TERENA REFEDS Meeting 5 Sept 2012.

Updates Licia Florio, TERENA REFEDS Meeting 5 Sept 2012.
Connect communicate collaborate GÉANT3plus Enabling Users Pilots Lukas Hämmerle Task Leader Enabling Users

Connect communicate collaborate GÉANT3plus Enabling Users Pilots Lukas Hämmerle Task Leader "Enabling Users"
Identity Federation Policy Marina Vermezović, AMRES Federated Identity Technology Workshop Sofia, Bulgaria, 20. Jun 2014.

Identity Federation Policy Marina Vermezović, AMRES Federated Identity Technology Workshop Sofia, Bulgaria, 20. Jun 2014.
Authentication and Authorisation for Research and Collaboration Licia Florio (GÉANT) Christos Kanellopoulos (GRNET) Service orientation.

Authentication and Authorisation for Research and Collaboration Licia Florio (GÉANT) Christos Kanellopoulos (GRNET) Service orientation.
INTERNATIONAL E-DISCOVERY: WHEN CULTURES COLLIDE Alvin F. Lindsay Hogan & Hartson LLP.

INTERNATIONAL E-DISCOVERY: WHEN CULTURES COLLIDE Alvin F. Lindsay Hogan & Hartson LLP.
10/25/2015 AEB/Yleisesittely Organising Federated Identity in Finnish Higher Education TNC2005 Mikael Linden June 8th, 2005.

10/25/2015 AEB/Yleisesittely Organising Federated Identity in Finnish Higher Education TNC2005 Mikael Linden June 8th, 2005.
Https://aarc-project.eu Authentication and Authorisation for Research and Collaboration Pilots on the Integrated R&E AAI Paul van Dijk, Activity Lead Pilots.

Authentication and Authorisation for Research and Collaboration Pilots on the Integrated R&E AAI Paul van Dijk, Activity Lead Pilots.
Géant-TrustBroker project overview Slides assembled by the Géant-TrustBroker team at Leibniz Supercomputing Centre, Germany for a short presentation by.

Géant-TrustBroker project overview Slides assembled by the Géant-TrustBroker team at Leibniz Supercomputing Centre, Germany for a short presentation by.
INTRODUCTION: THE FIRST TRY InCommon eduGAIN Policy and Community Working Group.

INTRODUCTION: THE FIRST TRY InCommon eduGAIN Policy and Community Working Group.

Similar presentations

Ads by Google