
eduGAIN policy: A worm report

eduGAIN policy: A worm report. TF-EMC2 Vienna 17.2.2010. Mikael Linden, CSC, The worm farmer. GN3 Service Activity 3 Task 3: eduGAIN. A project that implements the framework to interconnect the various AAI federations in Europe. Builds on GN2/JRA5 eduGAIN. Deliverables and milestones


Presentation Transcript


  1. eduGAIN policy: A worm report
     TF-EMC2 Vienna 17.2.2010
     Mikael Linden, CSC
     The worm farmer

  2. GN3 Service Activity 3 Task 3: eduGAIN
     • A project that implements the framework to interconnect the various AAI federations in Europe
     • Builds on GN2/JRA5 eduGAIN
     • Deliverables and milestones
        • 10/2009: use case analysis
        • 4/2010: eduGAIN service definition and policy
        • 10/2010: service rollout plan
        • 4/2011: pilot phase with five NRENs
     • SA3 Activity Leader: Josh Howlett
     • SA3T3 Task Leader: Valter Nordh
     • SA3T3 policy subtask Leader: Mikael Linden

  3. Layered approach to eduGAIN policy documentation
     1. Document joining federation signs (2-3 pages)
        • Either unilateral declaration or bilateral agreement
        • Refers to constitution
     2. Documents NREN PC approves and updates
        • eduGAIN constitution (5-10 pages)
        • Mandatory features
     3. Documents Technical Steering Group approves
        • Technical stuff
        • Recommendations and profiles
     (Slide labels: High level policy stuff; Technical details)

  4. Policy: done so far
     • Identified possible policy issues ("policy worms")
     • Put the issues in categories 1, 2 and 3 ("dartboard")
     • Spent quite some time on drafting a data protection profile
        • To cover the data protection directive
        • Not covered in this talk
     • Drafted metadata Terms of Use
     • Discussed whether eduGAIN is joined by signing a unilateral declaration or a bilateral agreement
     • First draft of eduGAIN "constitution" (covered next)
     • http://wiki.geant.net/bin/view/SA3/T3Sandbox

  5. eduGAIN constitution draft (1/7): Confederation governance
     • NREN PC
        • Updates constitution
        • Decides on peering
     • Technical Steering Group
        • One delegate for each participant federation
        • Prepares issues for NREN PC
        • Approves other documents
     • Operational Team
        • Daily technical issues

  6. eduGAIN constitution draft (2/7): Joining eduGAIN
     • Who may join?
        • GN3 consortium members' federations
        • Other federations that NREN PC approve
     • Requirements for joining federations
        • Incident handling…
        • Support for local Providers ..
        • …
     • Process
        • Applicant signs agreement
        • OT(?) checks requirements are fulfilled
        • If necessary, NREN PC approves

  7. eduGAIN constitution draft (3/7): Attributes and Privacy
     • Recommended attributes (that IdPs SHOULD populate)
        • Common name
        • eduPersonAffiliation, eduPersonScopedAffiliation
        • schacHomeOrganisation, schacHomeOrganisationType
     • Data protection profile
        • Optional for IdPs and SPs
        • Helps providers to fulfill the requirements from Data protection directive

  8. eduGAIN constitution draft (4/7): User experience, branding, IPR
     • TSG defines and OT operates a discovery service?
     • Participant federations recommend to SPs that "eduID (if any)" is used as the brand towards end users?
     • eduGAIN is a registered trademark of Dante

  9. eduGAIN constitution draft (5/7): Quality of IdP-side IdM
     • Level of assurance for identities
        • IdPs provide only up-to-date user identities (e.g. eP[S]A values)
        • TSG approves a detailed profile
     • Level of assurance for authentication
        • TSG approves a detailed profile

  10. eduGAIN constitution draft (6/7): Audits
     • eduGAIN operations
        • To be agreed between eduGAIN/Dante and OT
     • Participating federation operations
        • No audits
     • Participating IdPs and SPs
        • No audits

  11. eduGAIN constitution draft (7/7): Technical profiles
     TSG approves
     • SAML2 profile
     • Metadata profile
     • Other profiles
